No entry checks in crossSwap[Exact]TokensFor[Exact]Tokens

Email address [email protected] Handle gpersoon Eth address gpersoon.eth Vulnerability details The functions crossSwapTokensForExactTokens and crossSwapExactTokensForTokens of MarginRouter.sol do not check who is calling the function. They also do not check the contents of pairs and tokens They...

ytnef heap buffer overflow vulnerability (CNVD-2017-07578)

ytnef is an application library for extracting data from winmail.dat files. A heap buffer overflow vulnerability exists in ytnef 1.9.2 and earlier versions of libytnef due to the program failing to properly validate bounds in the SIZECHECK macro in the lib/ytnef.c file. An attacker can exploit th...

CVE-2017-9058

CVE-2017-9058 affects the libytnef library (ytnef) up to version 1.9.2. The flaw is a heap-based buffer over-read/overflow caused by boundary checking in the SIZECHECK macro in lib/ytnef.c, exposed in several distributions. Impact: a remote attacker could potentially execute code on the affected ...

CVE-2017-9058

In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c...