Linux Distros Unpatched Vulnerability : CVE-2019-17264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libyal liblnk before 20191006, liblnklocationinformationreaddata in liblnklocationinformation.c has a heap-based buffer over-read because an incorrect variab...

CVE-2019-17264

In libyal liblnk before 20191006, liblnklocationinformationreaddata in liblnklocationinformation.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue...

DEBIAN-CVE-2019-17401

libyal liblnk 20191006 has a heap-based buffer over-read in the networksharenameoffset20 code block of liblnklocationinformationreaddata in liblnklocationinformation.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue...

CVE-2018-12097

The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...

UBUNTU-CVE-2018-12097

The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...

CVE-2018-12098

The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

CVE-2018-12096

The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...

liblnk heap buffer reread vulnerability (CNVD-2018-11566)

liblnk is a library for accessing the Windows shortcut file LNK format. A heap buffer reread vulnerability in the liblnk liblnkdatablockread function in liblnk liblnkdatablock.c allows remote attackers to cause an information disclosure via a specially crafted lnk file...