Lucene search
K

7 matches found

OSV
OSV
added 2021/12/29 12:0 a.m.9 views

OSV-2021-1775 Heap-buffer-overflow in hfs_dir_open_meta_cb

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43040 Crash type: Heap-buffer-overflow READ 1 Crash state: hfsdiropenmetacb hfscattraverse hfsdiropenmeta...

7.2AI score
Exploits0References1
ossfuzz
ossfuzz
added 2020/08/14 12:39 p.m.11 views

sleuthkit:sleuthkit_fls_hfs_fuzzer: Heap-buffer-overflow in hfs_cat_traverse

Detailed Report: https://oss-fuzz.com/testcase?key=6261381394071552 Project: sleuthkit Fuzzing Engine: libFuzzer Fuzz Target: sleuthkitflshfsfuzzer Job Type: libfuzzerasansleuthkit Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x61e000000a8a Crash State: hfscattraverse...

6.8AI score
Exploits0Affected Software1
Prion
Prion
added 2019/07/18 5:15 p.m.14 views

Integer overflow

The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfsdent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfscattraverse in lines: 952, 1062. The attack...

4.3CVSS6.5AI score0.01373EPSS
Exploits0References5Affected Software3
NVD
NVD
added 2018/11/29 11:29 p.m.25 views

CVE-2018-19497

In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...

6.5CVSS6.3AI score0.01523EPSS
Exploits0References6
OSV
OSV
added 2018/11/29 11:29 p.m.30 views

CVE-2018-19497

In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...

6.5CVSS6.5AI score
Exploits0References6
CVE
CVE
added 2018/11/29 11:0 p.m.108 views

CVE-2018-19497

CVE-2018-19497 affects The Sleuth Kit (TSK) up to 4.6.4 via hfs_cat_traverse in tsk/fs/hfs.c, where an oversized key length can cause a denial of service (SEGV in tsk_getu16 during hfs_dir_open_meta_cb). Public docsets indicate mitigations/patches: Debian LTS/DLA-3054-1 fixes SleuthKit in Debian ...

6.5CVSS6.2AI score0.01523EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2018/11/29 11:0 p.m.25 views

CVE-2018-19497

In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...

6.5CVSS5.2AI score0.01523EPSS
Exploits0
Rows per page
Query Builder