194 matches found
UBUNTU-CVE-2017-7860
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parseunix function in core/ext/clientchannel/parseaddress.c...
DEBIAN-CVE-2017-6508
CRLF injection vulnerability in the urlparse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL...
CVE-2017-6309
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...
UBUNTU-CVE-2016-9831
Heap-based buffer overflow in the parseSWFRGBA function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file...
Updated perl-Email-Address packages fix security vulnerabilities
Updated perl-Email-Address package fixes security vulnerability: The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via an empty quoted string in an RFC 2822 address...
CVE-2014-0477
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via an empty quoted string in an RFC 2822 address...
CVE-2012-1108
The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service crash via a crafted vendorLength field in an ogg file...
CVE-2012-1108
The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service crash via a crafted vendorLength field in an ogg file...
CVE-2009-4035
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to execute arbitrary code via a PDF file with a...
CVE-2009-4035
Summary (CVE-2009-4035): The flaw exists in FoFiType1::parse in FoFiType1.cc used by Xpdf 3.0.0, gpdf 2.8.2, and kdegraphics 3.3.1 (and possibly other libraries). The code fails to validate the return value of getNextLine, enabling a signed-to-unsigned conversion error when processing a crafted T...
White_Dune本地缓冲区溢出及格式串处理漏洞
BUGTRAQ ID: 27102 WhiteDune是VRML97文件的开源编辑器和查看器。 WhiteDune的实现上存在多个安全漏洞,远程攻击者可能利用此漏洞控制用户系统。 ----------------------------------- A Scene::errorf缓冲区溢出 ----------------------------------- 用于创建解析WRL文件中所出现问题的错误消息的函数中存在缓冲区溢出漏洞。以下是Scene.cpp文件中的漏洞代码: void Scene::errorfconst char fmt, ... valist ap; char...
CVE-2006-1269
Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. NOTE: since this issue is local and not setuid, the set of attack scenarios is limited,...
CVE-2006-1269
Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. NOTE: since this issue is local and not setuid, the set of attack scenarios is limited,...
CVE-2006-1269
Removed by vendor...