curl: Use-After-Free in curl_easy_nextheader when reusing header handle across requests

. The API returns struct curlheader objects that internally reference libcurl-owned linked list nodes. When a new request is performed on the same CURL handle, libcurl frees and rebuilds the internal header list, but previously returned struct curlheader objects remain valid to the application an...

exempi: Infinite loop in ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp

An issue was discovered in Exempi before 2.4.4. The ASFSupport::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASFSupport.cpp allows remote attackers to cause a denial of service infinite loop via a crafted .asf file...

Exempi Denial of Service Vulnerability (CNVD-2018-06687)

Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A security vulnerability exists in the 'ASFSupport::ReadHeaderObject' function in the XMPFiles/source/FormatSupport/ASFSupport.cpp file in versions of Exempi prior to 2.4.4. A remote attacker can exploit this vulnerability...

UBUNTU-CVE-2017-18236

An issue was discovered in Exempi before 2.4.4. The ASFSupport::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASFSupport.cpp allows remote attackers to cause a denial of service infinite loop via a crafted .asf file...

Microsoft Windows Media Player WMV Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...