13 matches found
AZL-56928 CVE-2024-45776 affecting package grub2 for versions less than 2.06-15
When reading the language .mo file in grub_mofile_open, grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data o...
CVE-2024-45776
When reading the language .mo file in grub_mofile_open, grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data o...
GRUB Buffer Error Vulnerability
GNU GRUB is a Linux system boot program from the GNU community. GRUB suffers from a buffer error vulnerability that stems from an integer overflow not checked when reading .mo files, which can lead to out-of-bounds reads and writes and bypass secure boot...
[SECURITY] Fedora 27 Update: php-phpmyadmin-motranslator-4.0-1.fc27
Translation API for PHP using Gettext MO files. Features All strings are stored in memory for fast lookup Fast loading of MO files Low level API for reading MO files Emulation of Gettext API No use of eval for plural equation Limitations Not suitable for huge MO files which you don't want to stor...
[SECURITY] Fedora 25 Update: php-php-gettext-1.0.12-1.fc25
This library provides PHP functions to read MO files even when gettext is not compiled in or when appropriate locale is not present on the system...
[SECURITY] Fedora 24 Update: php-php-gettext-1.0.12-1.fc24
This library provides PHP functions to read MO files even when gettext is not compiled in or when appropriate locale is not present on the system...
[SECURITY] Fedora 23 Update: php-php-gettext-1.0.12-1.fc23
This library provides PHP functions to read MO files even when gettext is not compiled in or when appropriate locale is not present on the system...
PHP gettext 1.0.12 Code Execution
CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP 5.6.19-2+b1 CVSS: 7.1 OVE ID: OVE-20160705-0004 C...
PHP gettext 1.0.12 - gettext.php Code Execution
PHP gettext 1.0.12 - gettext.php Code Execution CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP...
PHP gettext 1.0.12 - 'gettext.php' Code Execution
CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP 5.6.19-2+b1 CVSS: 7.1 OVE ID: OVE-20160705-0004 C...
PHP gettext 1.0.12 - (gettext.php) Unauthenticated Code Execution
Exploit for php platform in category web applications CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian,...
CakePHP 2.5.9, 2.6.11 & 2.7.2 Released
CakePHP 2.5.9, 2.6.11 & 2.7.2 Released The CakePHP core team is ready to announce the immediate availability of CakePHP 2.5.9, 2.6.11, and 2.7.2. These releases contain important security updates for applications using prefix routing. Security Issues There are two issues that can impact the...
Design/Logic Flaw
bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file...