53 matches found
Null pointer dereference
Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. read.c, request.c, and util.c contribute to this. The processheaderend function calls boaatoi, which ultimately calls atoi on a NULL pointer...
openSUSE Security Update : transfig (openSUSE-2019-1455)
This update for transfig fixes the following issues : Security issue fixed : - CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the beginning of the buffer via specially crafted .fig file bsc1106531 This update was imported...
CVE-2018-16140
A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...
CVE-2018-16140
CVE-2018-16140 : A buffer underwrite in get_line() (read.c) of fig2dev 3.2.7a allows writing before the start of the target buffer via a crafted .fig file. The vulnerability is triggered by parsing a FIG file and results in memory corruption (no remediation details provided in the supplied docume...
fig2dev buffer overflow vulnerability
fig2dev is used to convert .fig files to various graphics languages and formats. A buffer underflow vulnerability exists in getline in read.c in fig2dev 3.2.7a. An attacker could exploit this vulnerability by writing before the buffer starts via a specially crafted .fig file...
UBUNTU-CVE-2018-16140
A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...
Denial Of Service (DoS)
libarchive.so is vulnerable to denial of service DoS attacks. A malicious user can pass a cab file to the readarchive function in read.c to cause a NULL pointer dereference that can crash the application...
libming denial of service vulnerability (CNVD-2018-12759)
libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A security vulnerability exists in the 'readBytes' function of the util/read.c file in libming version 0.4.8, which originates from a program...
CVE-2018-11432
The mobiparsemobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted mobi file...
CVE-2017-16899
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...
UBUNTU-CVE-2016-9828
The dumpBuffer function in read.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted SWF file...
CVE-2016-9828
CVE-2016-9828 affects the libming project (version 0.4.7) via the listswf tool. The vulnerability is in the dumpBuffer function (read.c) and allows a crafted SWF file to trigger a denial of service through a NULL pointer dereference. The provided connected documents confirm the affected component...
libming 'read.c' Denial of Service Vulnerability
libming is a Flash SWF output library. A denial of service vulnerability exists in 'read.c' in libming version 0.4.7, which can be exploited by an attacker to cause a denial of service...