8 matches found
Astra Linux - уязвимость в libidn2
GNU libidn2 before version 2.2.0 fails to perform the round-trip checks specified in RFC3490, Section 4.2, when converting A-labels to U-labels. This allows, under certain circumstances, one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2019-18224)
idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2019-12290)
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...
EUVD-2019-3931
Malware in sbrugna...
USN-3421-2 libidn2-0 vulnerability
USN-3421-1 fixed a vulnerability in Libidn2. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM...
USN-3421-2: Libidn2 vulnerability
USN-3421-1 fixed a vulnerability in Libidn2. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM...
UBUNTU-CVE-2019-12290
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the...
ALPINE-CVE-2019-18224
idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string...