CVE-2017-13089 GNU Wget: stack overflow in HTTP protocol handling

The http.c:skipshortbody function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then...

Fedora 19 : libgadu-1.12.0-0.3.rc2.fc19 (2014-2341)

Security vulnerability fix in HTTP protocol handling. A specially crafted server reply may cause memory overwrite and arbitrary code execution. CVE-2013-6487. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...