19 matches found
EUVD-2015-8776
Malware in sbrugna...
Arbitrary Code Execution
firefox and thunderbird is vulnerable to arbitrary code execution attacks. The vulnerability exists as the nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds...
CVE-2017-12451
The bfdxcoffreadarhdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file...
CVE-2017-12451
The bfdxcoffreadarhdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file...
CVE-2017-12451
The bfdxcoffreadarhdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file...
CVE-2017-12451
The bfdxcoffreadarhdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file...
CVE-2017-12451
CVE-2017-12451 affects the GNU Binutils libbfd prior to 2.30. The vulnerability is in the _bfd_xcoff_read_ar_hdr function (files coff-rs6000.c and coff64-rs6000.c) and can cause an out-of-bounds stack read when processing a crafted COFF image. This could enable a remote attacker to read memory vi...
Out-of-bounds
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
CVE-2015-8920
CVE-2015-8920 affects the libarchive project, specifically the _ar_read_header function in archive_read_support_format_ar.c. A crafted ar file can trigger an out-of-bounds stack read, enabling a denial of service. Public references consistently describe this as a vulnerability in libarchive versi...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
Updated libidn packages fix security vulnerability
Out-of-bounds stack read in libidn before 1.33 in idnatoascii4i CVE-2016-6261. Out-of-bounds-read in libidn when reading one zero byte as input CVE-2015-8948, CVE-2016-6262. In libidn before 1.33, stringpreputf8nfkcnormalize would crash when presented with invalid UTF-8 CVE-2016-6263...
libidn -- multiple vulnerabilities
Simon Josefsson reports: libidn: Fix out-of-bounds stack read in idnatoascii4i. idn: Solve out-of-bounds-read when reading one zero byte as input. Also replaced fgets with getline. libidn: stringpreputf8nfkcnormalize reject invalid UTF-8. It was always documented to only accept UTF-8 data, but no...