29 matches found
EUVD-2017-18839
Malware in sbrugna...
EUVD-2017-17787
Malware in sbrugna...
EUVD-2018-2756
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-8847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bufRead::get function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service NULL pointer dereference and...
Ubuntu 16.04 ESM : Long Range ZIP vulnerabilities (USN-5171-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5171-2 advisory. USN-5171-1 fixed vulnerabilities in Long Range ZIP. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
SUSE CVE-2018-5650
In Long Range Zip aka lrzip 0.631, there is an infinite loop and application hang in the unzipmatch function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file...
Design/Logic Flaw
In Long Range Zip aka lrzip 0.631, there is a use-after-free in readstream in stream.c, because decompressfile in lrzip.c lacks certain size validation...
CVE-2018-9058
In Long Range Zip aka lrzip 0.631, there is an infinite loop in the runzipfd function of runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file...
Design/Logic Flaw
In Long Range Zip aka lrzip 0.631, there is an infinite loop and application hang in the unzipmatch function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file...
CVE-2017-9928
In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file...
DEBIAN-CVE-2017-9929
In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file...
CVE-2017-9929
In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file...
CVE-2017-8843
The joinpthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive...
CVE-2017-8847
The bufRead::get function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive...
CVE-2017-8844
The read1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted archive...
CVE-2017-8846
The readstream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted archive...
CVE-2017-8843
The joinpthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive...
Code injection
The lzo1xdecompress function in lzo1xd.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted archive...
CVE-2017-8844
The read1g function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted archive...
DEBIAN-CVE-2017-8847
The bufRead::get function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive...