The vulnerability of the ParseComment() function in the library for working with X Pixmap (XPM) libXpm allows a attacker to cause a service failure.

The vulnerability of the ParseComment function in the library for working with X Pixmap XPM files, libXpm, is related to an infinite loop during the processing of unclosed comments. Exploiting this vulnerability could allow a malicious actor to cause service failures through a specially created X...

libXpm security update

3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...

libXpm: Infinite loop on unclosed comments

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...

libXpm: Infinite loop on unclosed comments

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...

libXpm: Infinite loop on unclosed comments

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...

libXpm: Infinite loop on unclosed comments

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...

libXpm: Infinite loop on unclosed comments

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...

libXpm security update

An update is available for libXpm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands...

libXpm -- Issues handling XPM files

The X.Org project reports: CVE-2022-46285: Infinite loop on unclosed comments When reading XPM images from a file with libXpm 3.5.14 or older, if a comment in the file is not closed i.e. a C-style comment starts with "/" and is missing the closing "/", the ParseComment function will loop forever...

The vulnerability of the libxml2 library allows attackers to obtain confidential information, cause service failures, or exert other types of damage.

The vulnerability of the htmlParseComment function in the libxml2 library is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to obtain confidential information, cause service failure termination of the application, or have other effects through an unclosed HTML...

libxml2: out-of-bounds memory access when parsing an unclosed HTML comment

It was discovered that libxml2 could access out-of-bounds memory when parsing unclosed HTML comments. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to disclose heap memory contents...

Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

Several vulnerabilities were discovered in the libxml2 and libxslt libraries that the Nokogiri gem depends on. CVE-2015-1819 A denial of service flaw was found in the way libxml2 parsed XML documents. This flaw could cause an application that uses libxml2 to use an excessive amount of memory...

Code injection

PHPIDS before 20070703 does not properly handle 1 arithmetic expressions and 2 unclosed comments, which allows remote attackers to inject arbitrary web script...

CVE-2007-3578

PHPIDS before 20070703 does not properly handle 1 arithmetic expressions and 2 unclosed comments, which allows remote attackers to inject arbitrary web script...