14 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-20433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of...
RHEL 7 : aspell (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - aspell: UCS-2 and UCS-4 null-terminated string handling OOB read CVE-2019-20433 - libaspell.a in GNU Aspe...
RHEL 8 : aspell (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - aspell: UCS-2 and UCS-4 null-terminated string handling OOB read CVE-2019-20433 - libaspell.a in GNU Aspe...
RHEL 6 : aspell (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - aspell: UCS-2 and UCS-4 null-terminated string handling OOB read CVE-2019-20433 - libaspell.a in GNU Aspe...
Advisory ROSA-SA-2021-1806
Software: aspell 0.60.6.1 OS: Cobalt 7.9 CVE-ID: CVE-2019-20433 CVE-Crit: CRITICAL CVE-DESC: libaspell.a in GNU Aspell before 0.60.8 has a buffer reread for a string ending with one byte '\ 0' if the encoding is set to ucs-2 or ucs-4 outside the application. , as shown by the ASPELLCONF environme...
SUSE SLES11 Security Update : php53 (SUSE-SU-2020:14289-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14289-1 advisory. - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and...
SUSE: Security Advisory (SUSE-SU-2020:2807-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : aspell (SUSE-SU-2020:2807-1)
This update for aspell fixes the following security issue : CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding bsc1161982. Note that Tenable Network Security has extracted the preceding description block directly from the...
SUSE SLES12 Security Update : php72 (SUSE-SU-2020:0397-1)
This update for php72 fixes the following issues : Security issues fixed : CVE-2020-7059: Fixed an out-of-bounds read in phpstriptagsex bsc1162629. CVE-2020-7060: Fixed a global buffer-overflow in mbflfiltconvbig5wchar bsc1162632. CVE-2019-20433: Fixed a buffer over-read when processing strings...
CVE-2019-20433
creationtimestamp| type| source ---|---|--- 2020-01-27 21:37:49+00:00| seen| https://t.me/cveNotify/456...
CVE-2019-20433
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELLCONF environment variable...
CVE-2019-20433
The CVE-2019-20433 issue affects GNU Aspell’s libaspell.a prior to 0.60.8, where a buffer over-read can occur for a string ending with a single ASCII NUL (’\0’) when the encoding is UCS-2 or UCS-4 outside the application, as demonstrated by the ASPELL_CONF environment variable. The vulnerability ...
CVE-2019-20433
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELLCONF environment variable...
CVE-2019-20433
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELLCONF environment variable...