23 matches found
Astra Linux – Vulnerability in libavif
In libavif before version 1.3.0, the makeRoom function in stream.c has an integer overflow, resulting in a buffer overflow at stream-offset+size...
JLSEC-2026-125 In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer...
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size...
Security update for libavif
This update for libavif fixes the following issues: update to 1.3.0: CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc1243270 CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in stream-offset+size...
SUSE-SU-2025:02817-1 Security update for libavif
This update for libavif fixes the following issues: - update to 1.3.0: - CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc1243270 - CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in...
SUSE-SU-2025:02816-1 Security update for libavif
This update for libavif fixes the following issues: - update to 1.3.0: - CVE-2025-48175: Fixed an integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc1243270 - CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in...
SUSE CVE-2025-48174
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size...
UBUNTU-CVE-2025-48174
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size...
CVE-2025-48174
In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream-offset+size...
SUSE CVE-2014-3479
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
SUSE CVE-2014-3487
The cdfreadpropertyinfo function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...
Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information
A vulnerability exists in the cdfcheckstreamoffset function in the cdf.c file of the Fileinfo component in PHP, due to the use of incorrect sector size data. Exploiting this vulnerability allows malicious actors to cause a service failure abnormal termination of the application by utilizing a...
PT-2014-8307 · Qemu +5 · Qemu +5
Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: The issue allows remote attackers to execute arbitrary code via a crafted offset or length value in savevm data, specifically in the host from stream offset function in arch init.c when loadin...
CVE-2014-3479
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
DEBIAN-CVE-2014-3479
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
DEBIAN-CVE-2014-3487
The cdfreadpropertyinfo function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...
Design/Logic Flaw
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
CVE-2014-3479
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
CVE-2014-3479
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
UBUNTU-CVE-2014-3479
The cdfcheckstreamoffset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service application crash via a crafted stream offset in a CDF...
UBUNTU-CVE-2014-3487
The cdfreadpropertyinfo function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...