Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

6.5CVSS6.5AI score0.0135EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/03 12:15 p.m.3 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/03 12:6 p.m.2 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/07/29 7:40 p.m.2 views

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

6CVSS7.6AI score0.00478EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/11/20 6:29 p.m.15 views

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

7.1CVSS6.8AI score0.0135EPSS
Exploits0References1
OSV
OSV
added 2017/11/20 6:29 p.m.2 views

DEBIAN-CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

7.1CVSS6.5AI score0.0135EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/11/20 6:0 p.m.41 views

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

6.6AI score0.0135EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2007/05/08 10:19 p.m.4 views

CVE-2007-1203

Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption...

9.3CVSS6.2AI score0.31037EPSS
Exploits0References11
Rows per page
Query Builder