7 matches found
CVE-2021-44498
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, attackers can cause a type to be incorrectly initialized in the function fincr in srport/fincr.c and cause a crash due to a NULL pointer dereference...
CVE-2021-44499
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that...
DEBIAN-CVE-2021-44507
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of parameter validation in calls to memcpy in strtok in srunix/ztimeoutroutines.c allows attackers to attempt to read from a NULL pointer...
DEBIAN-CVE-2021-44508
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of NULL checks in calls to iousopen in srunix/iousopen.c allows attackers to crash the application by dereferencing a NULL pointer...
DEBIAN-CVE-2021-44496
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...
UBUNTU-CVE-2021-44501
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference...
UBUNTU-CVE-2021-44505
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a NULL pointer dereference after calls to ZPrint...