14 matches found
SUSE CVE-2006-4335
Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted GZIP archive that triggers an...
SUSE CVE-2015-2278
The LZH decompression implementation CsObjectInt::BuildHufTree function in vpa108csulzh.cpp in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers t...
SUSE-SU-2016:0807-1 Security update for clamsap
This update fixes the following security issues: CVE-2015-2278: The LZH decompression implementation allows context-dependent attackers to cause a denial of service out-of-bounds read via unspecified vectors, related to look-ups of non-simple codes. CVE-2015-2282: Stack-based buffer overflow in t...
CVE-2015-2278
The LZH decompression implementation CsObjectInt::BuildHufTree function in vpa108csulzh.cpp in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers t...
Out-of-bounds
The LZH decompression implementation CsObjectInt::BuildHufTree function in vpa108csulzh.cpp in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers t...
CVE-2015-2278
The LZH decompression implementation CsObjectInt::BuildHufTree function in vpa108csulzh.cpp in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers t...
Stack Buffer Overflow Vulnerability in Multiple SAP Products
SAP NetWeaver is an integrated service-oriented application platform that provides a development and runtime environment for SAP applications; ABAP is an application server that runs in NetWeaver and is based on the ABAP high-level programming language; and SAP .NET Connector is a connector betwe...
LHa: Multiple vulnerabilities
Background LHa is a console-based program for packing and unpacking LHarc archives. Description Tavis Ormandy of the Google Security Team discovered several vulnerabilities in the LZH decompression component used by LHa. The maketable function of unlzh.c contains an array index error and a buffer...
GLSA-200609-13 : gzip: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200609-13 gzip: Multiple vulnerabilities Tavis Ormandy of the Google Security Team has reported multiple vulnerabilities in gzip. A stack buffer modification vulnerability was discovered in the LZH decompression code, where a...
CVE-2006-4335
Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted GZIP archive that triggers an...
CVE-2006-4335
Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted GZIP archive that triggers an...
CVE-2006-4335
Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted GZIP archive that triggers an...
multiple vulnerabilities in lha
Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted GZIP archive that triggers an...
CVE-2006-4335
Array index error in the maketable function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted GZIP archive that triggers an...