1104 matches found
CVE-2017-1000373
The OpenBSD qsort function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
Code injection
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
YARA Denial of Service Vulnerability (CNVD-2017-11646)
YARA is a suite of tools used to help software researchers identify and categorize malware samples. regexp is a regular expression module. A denial of service vulnerability exists in the libyara/re.c file of the regexp module in YARA version 3.5.0. A remote attacker could exploit this vulnerabili...
CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...
CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...
CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...
ALPINE-CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...
CVE-2017-9210
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3...
CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...
CVE-2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...
Resource Management Errors
Overview Affected versions of this package are vulnerable to Resource Management Errors libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka...
Design/Logic Flaw
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3...
Design/Logic Flaw
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...