Libevt Design Vulnerabilities

libevt is a tool for accessing the Windows event log. A security vulnerability in the 'libevtrecordvaluesreadevent' function in the libevtrecordvalues.c file in versions of libevt prior to 2018-03-17 stems from a failure of the program to properly perform a detection. A detailed vulnerability...

UBUNTU-CVE-2018-8754

The libevtrecordvaluesreadevent function in libevtrecordvalues.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub...

PT-2018-18614 · Libyal +1 · Libevt +1

Name of the Vulnerable Software and Affected Versions: libevt versions prior to 2018-03-17 Description: The issue concerns the libevt record values read event function in libevt record values.c, which does not properly check for out-of-bounds values of user SID data size, strings size, or data...

Microsoft Excel COUNTRY Record Parsing Memory Corruption (MS08-043; CVE-2008-3006)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the way Microsoft Excel parses record values. The vulnerability is due to an error in Microsoft Excel that fails to perform sufficient validation when parsing record values while...