Lucene search
K

25 matches found

Cvelist
Cvelist
added 2017/09/05 6:0 p.m.25 views

CVE-2017-2808

An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...

7.5CVSS7.7AI score0.01701EPSS
Exploits1References5
CVE
CVE
added 2017/09/05 6:0 p.m.138 views

CVE-2017-2807

CVE-2017-2807 affects Ledger-CLI 3.1.1, with a buffer overflow in the tag value parsing component caused by an integer underflow when processing a crafted journal file. This can lead to code execution or other impact described in multiple advisories. Public sources in the connected docs confirm r...

7.8CVSS7.7AI score0.01974EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2017/09/05 6:0 p.m.39 views

CVE-2017-2807

An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability...

7.8CVSS7.7AI score0.01974EPSS
Exploits1
FreeBSD
FreeBSD
added 2017/09/05 12:0 a.m.20 views

ledger -- multiple vulnerabilities

Talos reports: An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability. A...

8.1AI score
Exploits0References4
Talos
Talos
added 2017/08/30 12:0 a.m.43 views

Ledger CLI Account Directive Use-After-Free Vulnerability

Summary An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger th...

7.8CVSS7.8AI score0.01701EPSS
Exploits1
Rows per page
Query Builder