CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allo...

CVE-2019-12360

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

CVE-2019-12159

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function when called from getRequestType via a long URL...

openSUSE Security Update : file (openSUSE-2019-1197)

This update for file fixes the following issues : The following security vulnerabilities were addressed : - Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service application crash via a crafted ELF file bsc1096974...

SUSE SLED12 / SLES12 Security Update : file (SUSE-SU-2019:0839-1)

This update for file fixes the following issues : The following security vulnerabilities were addressed : Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service application crash via a crafted ELF file bsc1096974...

Updated file packages fix security vulnerabilities

The updated file packages fix security vulnerabilities: docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360. CVE-2019-8905 docorenote in readelf.c in libmagic.a in file 5.35 allows remote...

Amazon Linux AMI : file (ALAS-2019-1186)

dobidnote in readelf.c in libmagic.a has a stack-based buffer over-read, related to fileprintf and filevprintf. CVE-2019-8904 docorenote in readelf.c in libmagic.a has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360 . CVE-2019-8905 docorenot...

Security update for file (moderate)

openSUSE Security Update: Security update for file Announcement ID: openSUSE-SU-2019:0345-1 Rating: moderate References: 1096974 1096984 1126117 1126118 1126119 Cross-References: CVE-2018-10360 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907 Affected Products: openSUSE Leap 15.0 An update that solves...

SUSE SLED15 / SLES15 Security Update : file (SUSE-SU-2019:0571-1)

This update for file fixes the following issues : The following security vulnerabilities were addressed : CVE-2018-10360: Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service application crash via a crafted ELF file...

Denial Of Service (DoS)

libmatio.so is vulnerable to denial of service DoS attacks. The vulnerability exists through a possible stack-based buffer over-read in a memcpy operation in MatVarReadNextInfo5 in src/mat5.c, resulting in a denial of service condition when the vulnerability is exploited...

Fedora 29 : file (2019-15f5147b27)

CVE-2019-8907 - remote denial of service in docorenote in readelf.c - CVE-2019-8905 - stack-based buffer over-read in docorenote in readelf.c - CVE-2019-8904 - stack-based buffer over-read in dobidnote in readelf.c - CVE-2019-8906 - out-of-bounds read in docorenote in readelf.c Note that Tenable...

CVE-2019-9028

An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions in inflate.c when called from ReadNextCell in mat5.c...

Stack overflow

An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions in inflate.c when called from ReadNextCell in mat5.c...

CVE-2019-8905

docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...

CVE-2019-8904

CVE-2019-8904 concerns do_bid_note in readelf.c within libmagic.a (file package, 5.35) causing a stack-based buffer over-read, related to file_printf and file_vprintf. The vulnerability is described across multiple connected advisories (e.g., Cloud Foundry/USNs and Nessus entries) as impacting va...

CVE-2019-8905

CVE-2019-8905 affects the file utility (libmagic.a) do_core_note in readelf.c, version 5.35, via a stack-based buffer over-read related to file_printable. This can allow information disclosure and may cause denial of service when processing crafted ELF files. Upstream fixes exist in file version ...

openSUSE Security Update : ntpsec (openSUSE-2019-82)

This update for ntpsec to version 1.1.3 fixes the following issues : Security issues fixed : - CVE-2019-6442: Fixed a out of bounds write via a malformed config request boo1122132 - CVE-2019-6443: Fixed a stack-based buffer over-read in the ctlgetitem function boo1122144 - CVE-2019-6444: Fixed a...

CVE-2019-6443

An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctlgetitem, there is a stack-based buffer over-read in readsysvars in ntpcontrol.c in ntpd...

CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. processcontrol in ntpcontrol.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...

CVE-2019-6444

CVE-2019-6444 affects NTPsec prior to 1.1.3. The issue is a stack-based buffer over-read in ntp_control.c::process_control(), where attacker-controlled data is dereferenced by ntohl() in ntpd. Acts as a remote-network issue; exploitation can lead to information leakage and potential denial of ser...