32 matches found
UBUNTU-CVE-2018-20348
libpffitemtreecreatenode in libpffitemtree.c in libpff before experimental-20180714 allows attackers to cause a denial of service infinite recursion via a crafted file, related to libfdatatreegetnodevalue in libfdatatree.c...
CVE-2018-20348
libpffitemtreecreatenode in libpffitemtree.c in libpff before experimental-20180714 allows attackers to cause a denial of service infinite recursion via a crafted file, related to libfdatatreegetnodevalue in libfdatatree.c...
CVE-2018-20348
The CVE-2018-20348 entry documents a local-denial-of-service vulnerability in libpff: specifically, libpff_item_tree_create_node in libpff_item_tree.c (before experimental-20180714) can be triggered by a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c. Exploitation would ...
libyal libpff Information Disclosure Vulnerability
libyal libpff is a library for accessing Personal Folder Files PFF and Offline Folder Files OFF. A security vulnerability exists in the 'libpffnametoidmapentryread' function in the libpffnametoidmap.c file in libyal libpff 2018-04-28 and earlier versions. A remote attacker can exploit this...
Heap overflow
DISPUTED The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on...
CVE-2018-11723
The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub...
CVE-2018-11723
The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub...
CVE-2018-11723
The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub...
CVE-2018-11723
The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub...
CVE-2018-11723
The libpffnametoidmapentryread function in libpffnametoidmap.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted pff file. NOTE: the vendor has disputed this as described in libyal/libpff issue 66 on GitHub...
CVE-2018-11723
The vulnerability CVE-2018-11723 affects libyal libpff (libpff_name_to_id_map_entry_read in libpff_name_to_id_map.c) through 2018-04-28. It allows a remote attacker to cause information disclosure via a crafted PFF file by triggering a heap-based buffer over-read. Public entries (SUSE, CNVD, OSV,...
PT-2018-10781 · Libyal · Libpff
Name of the Vulnerable Software and Affected Versions: libpff versions through 2018-04-28 Description: The issue allows remote attackers to cause an information disclosure via a crafted pff file. This is due to a heap-based buffer over-read in the libpff name to id map entry read function in libp...