5 matches found
CVE-2020-27800
A heap-based buffer over-read was discovered in the getle32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file...
DEBIAN-CVE-2021-43315
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5349...
DEBIAN-CVE-2021-43314
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5368...
SUSE CVE-2020-24119
A heap buffer overflow read was discovered in upx 4.0.0, because the check in plxelf.cpp is not perfect...
UBUNTU-CVE-2019-14295
An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory...