1012 matches found
CVE-2017-15602
GNU Libextractor 1.4 contains a signedness error in EXTRACTOR_nsfe_extract_method (plugins/nsfe_extractor.c) that can cause an infinite loop when given a crafted chunk size. Affected component is the nsfe_extractor, with the root cause described as an integer signedness issue for chunk size. The ...
CVE-2017-15602
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...
Debian DLA-1127-1 : sam2p security update
Several vulnerabilites, like heap-based buffer overflows, integer signedness or overflow errors have been found by fpbibi and have been fixed by upstream. For Debian 7 'Wheezy', these problems have been fixed in version 0.49.1-1+deb7u1. We recommend that you upgrade your sam2p packages. NOTE:...
CVE-2017-14629
In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element...
CVE-2017-14629
In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element...
CVE-2017-14631
In sam2p 0.49.3, the pcxLoadRaster function in inpcx.cpp has an integer signedness error leading to a heap-based buffer overflow...
CVE-2017-14631
In sam2p 0.49.3, the pcxLoadRaster function in inpcx.cpp has an integer signedness error leading to a heap-based buffer overflow...
CVE-2017-14631
In sam2p 0.49.3, the pcxLoadRaster function in inpcx.cpp has an integer signedness error leading to a heap-based buffer overflow...
CVE-2017-14629
In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element...
Heap overflow
In sam2p 0.49.3, the pcxLoadRaster function in inpcx.cpp has an integer signedness error leading to a heap-based buffer overflow...
CVE-2017-14631
sam2p 0.49.3 is affected by CVE-2017-14631 due to a signedness error in pcxLoadRaster within in_pcx.cpp, causing a heap-based buffer overflow. This affects the ability to process inputs that trigger the flaw and can lead to denial of service as described in CNVD-2017-34028 and related advisories....
CVE-2017-14631
In sam2p 0.49.3, the pcxLoadRaster function in inpcx.cpp has an integer signedness error leading to a heap-based buffer overflow...
CVE-2017-14629
In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element...
CVE-2017-14629
CVE-2017-14629 affects sam2p 0.49.3: the in_xpm_reader function in in_xpm.cpp contains a signedness error that can crash the process when writing to an out-of-bounds array element (DoS). Multiple connected sources confirm the same issue and list this CVE among a set of fixes for sam2p; upstream r...
[ASA-201709-10] ffmpeg: denial of service
Arch Linux Security Advisory ASA-201709-10 ========================================== Severity: Medium Date : 2017-09-15 CVE-ID : CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223...
CVE-2017-14169
In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...
CVE-2017-14169
In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...
CVE-2017-14169
In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...
CVE-2017-14169
In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...
CVE-2017-14169
In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...