Null pointer dereference

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of parameter validation in calls to memcpy in strtok in srunix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer...

UBUNTU-CVE-2021-44493

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...

UBUNTU-CVE-2021-44499

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that...

UBUNTU-CVE-2021-44496

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...

CVE-2021-44507

CVE-2021-44507 affects FIS GT.M through V7.0-000 (related to the YottaDB code base). The issue is caused by a lack of parameter validation in calls to memcpy within str_tok in sr_unix/ztimeoutroutines.c , which can allow an attacker to read from a NULL pointer. The impact described is undefined b...

CVE-2021-44507

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of parameter validation in calls to memcpy in strtok in srunix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer...

CVE-2021-44504

CVE-2021-44504 affects FIS GT.M through V7.0-000 (YottaDB code base). A crafted input makes a size variable stored as a signed int become extremely large, is interpreted as negative during a check, and is then used in a memcpy on the stack, causing a memory segmentation fault. Documents describe ...

CVE-2021-44504

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a size variable, stored as an signed int, to equal an extremely large value, which is interpreted as a negative value during a check. This value is then used in a memc...

CVE-2021-44499

CVE-2021-44499 affects FIS GT.M through V7.0-000 (YottaDB code base). Crafted input can make $Extract push a signed integer indicating buffer size to a large negative value, used as the length of a memcpy on the stack, causing a buffer overflow. Impact and exploit status are not detailed beyond t...

CVE-2021-44481

An issue was discovered in YottaDB through r1.32 and V7.0-000. A lack of parameter validation in calls to memcpy in checkandsettimeout in srunix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer...

CVE-2021-44481

CVE-2021-44481 affects YottaDB (r1.32 and V7.0-000) and is caused by missing parameter validation in memcpy in sr_unix/ztimeoutroutines.c (function check_and_set_timeout), enabling an attempt to read from a NULL pointer. The available connected documents specify the vulnerable component and root ...

FIS GT.M 代码问题漏洞

FIS GT.M is a database platform. A security vulnerability exists in FIS GT.M versions prior to V7.0-000, which stems from a lack of parameter validation when calling memcpy in strtok in srunix/ztimeoutroutines.c. The vulnerability can be exploited to attempt to read a null pointer. An attacker ca...

FIS GT.M 安全漏洞

FIS GT.M is a database platform. A security vulnerability exists in versions of FIS GT.M prior to V7.0-000, which can be exploited by an attacker to cause a size variable stored as a signed integer to equal a very large value, which is interpreted as a negative value during a check. This value is...

YottaDB 安全漏洞

YottaDB is a real-time database from the American company YottaDB. A security vulnerability in YottaDB r1.32 and versions prior to V7.0-000 allows an attacker to cause a buffer overflow by calling $Extract to force a signed integer of the size of the save buffer to take a larger negative number,...

YottaDB 缓冲区错误漏洞

YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in versions of YottaDB prior to r1.32 and V7.0-000, which could be exploited by an attacker to control the size and input of memcpy calls to opfnfnumber in srport/opfnfnumber.c to corrupt memory or crash the...

YottaDB 输入验证错误漏洞

YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB, which stems from a missing parameter validation in the call to memcpy in checkandsettimeout in srunix/ztimeoutroutines.c allowing an attacker to attempt to read from a NULL pointer. No detailed...

PT-2022-12135 · Yottadb · Yottadb

Name of the Vulnerable Software and Affected Versions: YottaDB versions prior to r1.32 and V7.0-000 Description: An issue was discovered that allows attackers to control the size and input to calls to memcpy in op fnfnumber in sr port/op fnfnumber.c using crafted input. This can lead to memory...

Updated libtiff packages fix security vulnerability

Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. CVE-2022-0865 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory acces...

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

...

CVE-2022-0908

A flaw was found in LibTIFF where a NULL source pointer passed as an argument to the memcpy function within the TIFFFetchNormalTag in tifdirread.c. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service...