893 matches found
DEBIAN-CVE-2017-8053
PoDoFo 0.9.5 allows denial of service infinite recursion and stack consumption via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure PdfParser.cpp...
CVE-2017-8053
PoDoFo 0.9.5 allows denial of service infinite recursion and stack consumption via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure PdfParser.cpp...
Denial Of Service (DoS)
yaml-cpp aka LibYaml is vulnerable to denial of service DoS attacks. The attacks are possible because the SingleDocParser::HandleNode function does not handle YAML files properly, allowing the attackers to trigger stack consumption and application crash using malicious YAML files...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
Code injection
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2016-10221
The countentries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service stack consumption and application crash via a crafted PDF document...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
UBUNTU-CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2017-5950
yaml-cpp (LibYaml-C++) vulnerability CVE-2017-5950 stems from SingleDocParser::HandleNode and affects 0.5.x series (e.g., 0.5.3). A crafted YAML file can cause stack consumption and application crash (DoS). Remediation per connected advisories: rebuild/upgrade to yaml-cpp 0.6.0 or newer (Fedora 2...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
Code injection
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4571
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4571
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4570
CVE-2016-4570 affects the mxml library (mxml 2.9, 2.7, and earlier) via the mxmlDelete function in mxml-node.c, allowing denial of service (stack exhaustion) when processing crafted XML files. Connected advisories confirm this vulnerability and show patched packages in multiple distros: Debian (D...
CVE-2016-4571
CVE-2016-4571 affects the mxml library. The vulnerability is in the function mxml_write_node (file mxml-file.c) and can allow remote attackers to cause a denial of service via crafted XML, affecting versions 2.9, 2.7 and possibly earlier. Several advisories document fixes: Debian/DLA-1641-1 notes...
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4571
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
Denial Of Service (DoS)
Jansson is vulnerable to denial of service DoS attacks. These attacks are possible though JSON data, causing deep recursion, stack consumption and eventually crashing the application...