SUSE CVE-2018-7186

Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...

The vulnerability of the gplotRead and ptaReadStream functions in the Leptonica image processing library, which allows a hacker to cause a service failure or exert other effects.

The vulnerability of the gplotRead and ptaReadStream functions in the Leptonica image processing library is related to buffer overflow in the stack %s in the fscanf and sscanf functions. Exploiting this vulnerability can allow a malicious actor to cause service failures by using a specially craft...

MGASA-2018-0175 Updated leptonica packages fix security vulnerabilities

Package leptonica has been updated to the current stable version 1.75.3 which fixes: CVE-2018-7186 - multiple stack-based buffer overflows in gplotRead and ptaReadStream CVE-2018-7247 - a buffer overflow in src/viewfiles.c with unsanitized input rootname...

CVE-2018-7186

Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...

PT-2018-1097 · Leptonica +2 · Leptonica +2

Name of the Vulnerable Software and Affected Versions: Leptonica versions prior to 1.75.3 Description: The issue is related to the gplotRead and ptaReadStream functions in the Leptonica library, which does not limit the number of characters in a %s format argument to fscanf or sscanf. This allows...