10 matches found
EUVD-2017-4053
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-12482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and...
Linux Distros Unpatched Vulnerability : CVE-2017-12481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The findoption function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or...
Ledger CLI Account Directive Use-After-Free Vulnerability
Summary An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger th...
Stack overflow
The findoption function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-12481
The findoption function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-12482
The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-12482
CVE-2017-12482 affects Ledger 3.1.1, where ledger::parse_date_mask_routine in times.cc can be triggered by a crafted file to cause a stack-based buffer overflow, leading to denial of service (and potentially other impact). Public advisories (openSUSE/SUSE GLSA, Gentoo GLSA, OSV entries) reference...
CVE-2017-12482
The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-12481
CVE-2017-12481 affects Ledger 3.1.1, where the find_option function in option.cc can be triggered by a crafted file to cause a stack-based buffer overflow, leading to a denial of service (and potentially other impact). Public documents in the connected set confirm this CVE alongside related ones ...