191 matches found
CVE-2017-14408
A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...
CVE-2017-14408
The CVE-2017-14408 entry relates to MP3Gain (mpglibDBL) where a stack-based buffer over-read in dct36 (layer3.c) can crash an affected application, enabling remote denial of service. Connected sources confirm this issue across multiple advisories for MP3Gain 1.5.2 and describe a similar pattern o...
CVE-2017-14408
A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...
Updated poppler packages fix security vulnerabilities
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PDF document CVE-2017-9776. The function GfxImageColorMap::getGray in GfxState.cc in...
CVE-2017-12951
The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted gig file...
Stack overflow
The getsym function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a malformed tekhex binary...
CVE-2017-12967
The getsym function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a malformed tekhex binary...
CVE-2017-12967
The getsym function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a malformed tekhex binary...
Stack overflow
The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...
CVE-2017-11423
The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...
CVE-2017-11423
The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...
CVE-2017-11423
The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...
CVE-2017-11423
The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...
CVE-2017-11423
CVE-2017-11423 affects libmspack’s cabd_read_string in mspack/cabd.c (0.5alpha) used by ClamAV before 0.99.4. A crafted CAB file can trigger a stack-based buffer over-read, causing denial of service. Connected advisories confirm the issue and point to upstream fixes in libmspack (0.6alpha and new...
CVE-2017-11423
The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
CVE-2017-9865
The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc...
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
CVE-2017-9954
The CVE-2017-9954 issue affects GNU Binutils’ Binary File Descriptor library (libbfd), specifically the tekhex.c getvalue function. A crafted tekhex file can trigger a stack-based buffer over-read in nm, causing an application crash (DoS). Root cause is mishandling in getvalue within tekhex.c of ...