1103 matches found
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...
CVE-2017-9209
CVE-2017-9209 affects libqpdf.a in QPDF 6.0.0, enabling denial of service via crafted PDF and a call path involving QPDFObjectHandle::parseInternal (qpdf-infiniteloop2). Connected advisories (EulerOS, OpenVAS, Nessus) corroborate that the vulnerability stems from infinite recursion/stack consumpt...
CVE-2017-9208
CVE-2017-9208 is a vulnerability in libqpdf.a of QPDF 6.0.0 where a crafted PDF can trigger infinite recursion and stack consumption, causing a denial of service. The issue is linked to the releaseResolved functions, i.e., qpdf-infiniteloop1, and is discussed alongside related CVEs (CVE-2017-9209...
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...
UBUNTU-CVE-2017-9210
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3...
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...
CVE-2017-8053
PoDoFo 0.9.5 allows denial of service infinite recursion and stack consumption via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure PdfParser.cpp...
CVE-2017-8053
PoDoFo 0.9.5 allows denial of service infinite recursion and stack consumption via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure PdfParser.cpp...
DEBIAN-CVE-2017-8053
PoDoFo 0.9.5 allows denial of service infinite recursion and stack consumption via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure PdfParser.cpp...
CVE-2017-8053
PoDoFo 0.9.5 allows denial of service infinite recursion and stack consumption via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure PdfParser.cpp...
Denial Of Service (DoS)
yaml-cpp aka LibYaml is vulnerable to denial of service DoS attacks. The attacks are possible because the SingleDocParser::HandleNode function does not handle YAML files properly, allowing the attackers to trigger stack consumption and application crash using malicious YAML files...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
Code injection
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
UBUNTU-CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2016-10221
The countentries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service stack consumption and application crash via a crafted PDF document...
CVE-2017-5950
yaml-cpp (LibYaml-C++) vulnerability CVE-2017-5950 stems from SingleDocParser::HandleNode and affects 0.5.x series (e.g., 0.5.3). A crafted YAML file can cause stack consumption and application crash (DoS). Remediation per connected advisories: rebuild/upgrade to yaml-cpp 0.6.0 or newer (Fedora 2...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2016-4571
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...
CVE-2016-4571
The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...