55 matches found
DEBIAN-CVE-2017-17126
The loaddebugsection function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via an ELF file that lacks section headers...
Updated upx package fixes security vulnerability
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack CVE-2017-15056...
UPX denial of service vulnerability
UPX is an executable file compressor. A security vulnerability exists in the plxelf.cpp file in UPX version 3.94, which stems from the program's failure to properly handle ELF packet headers. A remote attacker can exploit this vulnerability to cause a denial of service application crash with the...
Design/Logic Flaw
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
CVE-2017-15056
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
CVE-2017-15056
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
CVE-2017-15056
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
CVE-2017-15056
CVE-2017-15056 affects UPX 3.94 for Linux; the root cause is in p_lx_elf.cpp, where ELF headers are mishandled, enabling a crafted binary to cause a denial of service (application crash) via an Invalid Pointer Read in PackLinuxElf64::unpack(). Open-source advisories from Mageia, Fedora and openSU...
CVE-2017-15056
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20120123)
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : - It was found that permissions were not checked properly in the Linux kernel when handling the /proc/pid/mem writing functionality. A local, unprivileged user...
Gentoo Security Advisory GLSA 200412-07 (file)
The remote host is missing updates announced in advisory GLSA 200412-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200412-07 (file)
The remote host is missing updates announced in advisory GLSA 200412-07. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2005-2617
The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...
CVE-2005-2617
The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...
CVE-2005-2617
The syscall32setuppages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insertvmstruct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers...