
23 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-7960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via ...

CVSS 5.5, AI score 6.7, EPSS 0.02001
Exploits: 1, References: 2

Ubuntu
added 2024/08/13 3:39 p.m., 33 views

USN-6958-1: Libcroco vulnerabilities

It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2017-7960) It was discovered th...

CVSS 7.1, AI score 6.8, EPSS 0.12996
Exploits: 7

Tenable Nessus
added 2024/08/13 12:0 a.m., 21 views

Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS : Libcroco vulnerabilities (USN-6958-1)

The remote Ubuntu 14.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6958-1 advisory. It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a hea...

CVSS 7.1, AI score 6.9, EPSS 0.12996
Exploits: 7, References: 5

Tenable Nessus
added 2024/06/03 12:0 a.m., 20 views

RHEL 5 : libcroco (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libcroco: Infinite loop in the cr_parser_parse_selector_core function (CVE-2017-8871) - The cr_input_new_from_uri...

CVSS 7.8, AI score 7, EPSS 0.12996
Exploits: 7, References: 4

Ubuntu
added 2022/04/26 2:5 p.m., 78 views

USN-5389-1: Libcroco vulnerabilities

It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-7960) It was discovered that Libcroco was incorrectly handling invali...

CVSS 7.1, AI score 7, EPSS 0.12996
Exploits: 7

OpenVAS
added 2022/01/28 12:0 a.m., 18 views

Mageia: Security Advisory (MGASA-2019-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8, AI score 6.2, EPSS 0.12996
Exploits: 7, References: 4

Rosalinux
added 2021/07/02 5:11 p.m., 25 views

Advisory ROSA-SA-2021-1865

Software: libcroco 0.6.12 OS: Cobalt 7.9 CVE-ID: CVE-2017-7960 CVE-Crit: MEDIUM CVE-DESC: The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service heap-based buffer re-read via a crafted CSS file. CVE-STATUS: default CVE-REV:...

CVSS 7.1, AI score 7.1, EPSS 0.12996
Exploits: 7

OpenVAS
added 2021/04/19 12:0 a.m., 19 views

SUSE: Security Advisory (SUSE-SU-2019:1468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8, AI score 6.5, EPSS 0.12996
Exploits: 7, References: 7

OpenVAS
added 2020/04/16 12:0 a.m., 26 views

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2020-1475)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8, AI score 6.2, EPSS 0.12996
Exploits: 7, References: 2

OpenVAS
added 2020/03/13 12:0 a.m., 18 views

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2020-1251)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8, AI score 6.5, EPSS 0.02001
Exploits: 2, References: 2

OpenVAS
added 2020/01/23 12:0 a.m., 19 views

Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2019-2520)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8, AI score 6.2, EPSS 0.12996
Exploits: 7, References: 2

OSV
added 2019/12/15 6:3 p.m., 7 views

MGASA-2019-0389 Updated libcroco packages fix security vulnerability

Updated libcroco packages fix security vulnerabilities: Heap overflow (input: check end of input before reading a byte) (CVE-2017-7960). Undefined behavior (tknzr: support only max long rgb values) (CVE-2017-7961). Denial of service (memory allocation error) via a crafted CSS file (CVE-2017-8834). Denial of...

CVSS 7.8, AI score 6.1, EPSS 0.12996
Exploits: 7, References: 3

OpenVAS
added 2019/06/19 12:0 a.m., 34 views

openSUSE: Security Advisory for libcroco (openSUSE-SU-2019:1575-1)

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8, AI score 6.5, EPSS 0.12996
Exploits: 7, References: 2

Tenable Nessus
added 2019/06/13 12:0 a.m., 29 views

SUSE SLED12 / SLES12 Security Update : libcroco (SUSE-SU-2019:1468-1)

This update for libcroco fixes the following issues: Security issues fixed: CVE-2017-7960: Fixed heap overflow (input: check end of input before reading a byte) (bsc#1034481). CVE-2017-7961: Fixed undefined behavior (tknzr: support only max long rgb values) (bsc#1034482). CVE-2017-8834: Fixed denial of...

CVSS 7.8, AI score 6.3, EPSS 0.12996
Exploits: 7, References: 13

OpenVAS
added 2018/01/16 12:0 a.m., 25 views

Debian: Security Advisory (DLA-909-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.8, AI score 6.5, EPSS 0.02001
Exploits: 2, References: 3

Tenable Nessus
added 2017/07/10 12:0 a.m., 30 views

GLSA-201707-13 : libcroco: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201707-13 libcroco: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libcroco. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a...

CVSS 7.8, AI score 6.8, EPSS 0.02001
Exploits: 2, References: 3

Debian
added 2017/04/23 11:46 a.m., 23 views

[SECURITY] [DLA 909-1] libcroco security update

Package : libcroco Version : 0.6.6-2+deb7u1 CVE ID : CVE-2017-7960 CVE-2017-7961 Debian Bug : 860961 CVE-2017-7960 A heap-based buffer over-read vulnerability could be triggered remotely via a crafted CSS file to cause a denial of service. CVE-2017-7961 An "outside the range of representable valu...

CVSS 7.8, AI score 7.3, EPSS 0.02001
Exploits: 2

NVD
added 2017/04/19 3:59 p.m., 13 views

CVE-2017-7960

The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file...

CVSS 5.5, AI score 5.8, EPSS 0.02001
Exploits: 1, References: 4

OSV
added 2017/04/19 3:59 p.m., 21 views

CVE-2017-7960

The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file...

CVSS 5.5, AI score 6.7
Exploits: 0, References: 4

CVE
added 2017/04/19 3:0 p.m., 183 views

CVE-2017-7960

CVE-2017-7960 affects libcroco 0.6.11 and 0.6.12. The vulnerability is triggered by a crafted CSS file through the cr_input_new_from_uri function in cr-input.c, leading to a heap-based buffer over-read and a potential denial of service. Connected advisories (e.g., Red Hat, Ubuntu, EulerOS/NASL en...

CVSS 5.5, AI score 5.6, EPSS 0.02001
Exploits: 1, References: 4, Affected Software: 1