97 matches found
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
CVE-2016-10195
CVE-2016-10195 affects libevent’s evdns.c name_parse function, where handling of label_len can trigger an out-of-bounds stack read. The vulnerability exists in libevent up to version prior to 2.1.6-beta, and is described as having unspecified impact for remote attackers via the label_len-related ...
libevent -- multiple vulnerabilities
Debian Security reports: CVE-2016-10195: The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read. CVE-2016-10196: Stack-based buffer overflow in the...
CVE-2016-10195
The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...
DEBIAN-CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
CVE-2015-8920
CVE-2015-8920 affects the libarchive project, specifically the _ar_read_header function in archive_read_support_format_ar.c. A crafted ar file can trigger an out-of-bounds stack read, enabling a denial of service. Public references consistently describe this as a vulnerability in libarchive versi...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
Debian DLA-582-1 : libidn security update
Multiple vulnerabilities have been discovered in libidn. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2015-8948 When idn is reading one zero byte as input an out-of-bounds-read occurred. CVE-2016-6261 An out-of-bounds stack read is exploitable in...
libidn: denial of service
CVE-2015-8948 denial of service Solve out-of-bounds-read when reading one zero byte as input. Also replaced fgets with getline. Reported by Hanno Boeck. - CVE-2016-6261 denial of service Fix out-of-bounds stack read in idnatoascii4i. Reported by Hanno Boeck. - CVE-2016-6262 denial of service...
Updated libidn packages fix security vulnerability
Out-of-bounds stack read in libidn before 1.33 in idnatoascii4i CVE-2016-6261. Out-of-bounds-read in libidn when reading one zero byte as input CVE-2015-8948, CVE-2016-6262. In libidn before 1.33, stringpreputf8nfkcnormalize would crash when presented with invalid UTF-8 CVE-2016-6263...
libidn -- multiple vulnerabilities
Simon Josefsson reports: libidn: Fix out-of-bounds stack read in idnatoascii4i. idn: Solve out-of-bounds-read when reading one zero byte as input. Also replaced fgets with getline. libidn: stringpreputf8nfkcnormalize reject invalid UTF-8. It was always documented to only accept UTF-8 data, but no...
UBUNTU-CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
CVE-2015-8920
The arreadheader function in archivereadsupportformatar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds stack read via a crafted ar file...
Memory corruption
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...
Debian Security Advisory DSA 026-1 (bind)
The remote host is missing an update to bind announced via advisory DSA 026-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...