55 matches found
CVE-2020-27788
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack function of plxelf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service...
CVE-2020-27790
A floating point exception issue was discovered in UPX in PackLinuxElf64::invertptdynamic function of plxelf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability...
CVE-2020-27790
A floating point exception issue was discovered in UPX in PackLinuxElf64::invertptdynamic function of plxelf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability...
CVE-2020-27790
CVE-2020-27790 affects UPX, specifically PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. A crafted input file can trigger a floating point exception leading to a crash and denial of service (Availability impact). The provided connected records describe heap-based buffer overflow variants in ...
PT-2022-8865 · Upx +1 · Upx +1
Name of the Vulnerable Software and Affected Versions: UPX affected versions not specified Description: A floating point exception issue was discovered in the PackLinuxElf64::invert pt dynamic function of the p lx elf.cpp file. An attacker with a crafted input file could trigger this issue, causi...
Updated upx packages fix security vulnerabilities
The updated packages fix security vulnerabilities: PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a...
Double free
PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...
CVE-2018-11243
PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...
CVE-2018-11243
PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...
CVE-2018-11243
PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...
CVE-2018-11243
PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...
PT-2018-10421 · Upx Team +2 · Upx +2
Name of the Vulnerable Software and Affected Versions: UPX version 3.95 Description: The issue allows remote attackers to cause a denial of service, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file. This is...
Updated upx package fixes security vulnerability
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack CVE-2017-15056...
CVE-2017-15056
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
CVE-2017-15056
CVE-2017-15056 affects UPX 3.94 for Linux; the root cause is in p_lx_elf.cpp, where ELF headers are mishandled, enabling a crafted binary to cause a denial of service (application crash) via an Invalid Pointer Read in PackLinuxElf64::unpack(). Open-source advisories from Mageia, Fedora and openSU...