2 matches found
CVE-2018-11723
The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub...
CVE-2018-11723
The vulnerability CVE-2018-11723 affects libyal libpff (libpff_name_to_id_map_entry_read in libpff_name_to_id_map.c) through 2018-04-28. It allows a remote attacker to cause information disclosure via a crafted PFF file by triggering a heap-based buffer over-read. Public entries (SUSE, CNVD, OSV,...