2 matches found
FreeBSD : lizard -- Negative size passed to memcpy resulting in memory corruption (67c2eb06-5579-4595-801b-30355be24654)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 67c2eb06-5579-4595-801b-30355be24654 advisory. - In Lizard v1.0 and LZ5 v2.0 the prior release, before the product was renamed, there is an unchecked...
CVE-2018-11498
CVE-2018-11498 affects Lizard v1.0 and LZ5 v2.0. A buffer size check is missing in Lizard_decompress_LIZv1 (lib/lizard_decompress_liz.h) during memcpy, enabling remote attackers to trigger denial of service or remote code execution with crafted input. Sources from CNVD/FreeBSD VuXML/NVD OSV corro...