62 matches found
Heap overflow
DISPUTED The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12098
The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12098
The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12097
The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...
CVE-2018-12096
The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
UBUNTU-CVE-2018-12097
The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...
DEBIAN-CVE-2018-12096
The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
DEBIAN-CVE-2018-12097
The liblnklocationinformationreaddata function in liblnklocationinformation.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on...
UBUNTU-CVE-2018-12096
The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12096
The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12098
The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12096
The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12098
The vulnerability CVE-2018-12098 affects liblnk up to 2018-04-19, caused by the liblnk_data_block_read() function in liblnk_data_block.c, leading to a heap-based buffer over-read via a crafted .lnk file. Exploitation details are not fully disclosed in the provided documents; vendor dispute is not...
CVE-2018-12097
The CVE affects the liblnk library: the function liblnk_location_information_read_data in liblnk_location_information.c (liblnk up to 2018-04-19) allows an attacker to cause information disclosure via a crafted .lnk file. The vulnerability is a heap-based buffer over-read. Vendors dispute the cla...
CVE-2018-12096
The vulnerability CVE-2018-12096 affects liblnk (liblnk_data_string.c: liblnk_data_string_get_utf8_string_size) where a crafted .lnk file may cause heap-based buffer over-read leading to information disclosure. The vendor disputes this issue (libyal/liblnlk issue 33 on GitHub). The connected reco...
CVE-2018-12098
The liblnkdatablockread function in liblnkdatablock.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
CVE-2018-12096
The liblnkdatastringgetutf8stringsize function in liblnkdatastring.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub...
PT-2018-11011 · Libyal · Liblnk
Name of the Vulnerable Software and Affected Versions: liblnk versions through 2018-04-19 Description: The issue allows remote attackers to cause an information disclosure via a crafted lnk file. This is due to a heap-based buffer over-read in the liblnk data block read function in liblnk data...
PT-2018-11009 · Libyal · Liblnk
Name of the Vulnerable Software and Affected Versions: liblnk versions through 2018-04-19 Description: The issue is related to the liblnk data string get utf8 string size function in liblnk data string.c, which allows remote attackers to cause an information disclosure via a crafted lnk file. Thi...
PT-2018-11010 · Libyal · Liblnk
Name of the Vulnerable Software and Affected Versions: liblnk versions through 2018-04-19 Description: The issue allows remote attackers to cause an information disclosure via a crafted lnk file. This is due to a heap-based buffer over-read in the liblnk location information read data function in...