10 matches found
Astra Linux – Vulnerability in libcroco
The crtknzrparsecomment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error through a crafted CSS file...
CVE-2017-8834
The crtknzrparsecomment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error via a crafted CSS file...
Code injection
The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted CSS file...
CVE-2017-8871
The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted CSS file...
ALPINE-CVE-2017-8871
The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted CSS file...
CVE-2017-8834
The crtknzrparsecomment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error via a crafted CSS file...
PT-2017-4259 · Gnome +5 · Libcroco +5
Name of the Vulnerable Software and Affected Versions: libcroco version 0.6.12 Description: The issue is related to the cr parser parse selector core function in cr-parser.c, which can lead to a denial of service due to an infinite loop and CPU consumption when processing a crafted CSS file. This...
PT-2017-4258 · Gnome +5 · Libcroco +5
Name of the Vulnerable Software and Affected Versions: libcroco version 0.6.12 Description: The issue is related to the cr tknzr parse comment function in the cr-tknzr.c component of the libcroco library, which can cause a denial of service due to a memory allocation error when processing a craft...
Design/Logic Flaw
DISPUTED The crtknzrparsergb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact v...
CVE-2017-7961
The crtknzrparsergb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a...