3 matches found
CVE-2016-9888
The CVE-2016-9888 vulnerability affects GNOME Structured File Library (libgsf) before 1.14.41. The issue arises in tar_directory_for_file() within gsf-infile-tar.c, where a crafted TAR file can trigger a NULL pointer dereference, leading to a crash. Multiple connected advisories confirm the affec...
CVE-2024-36474
Summary: CVE-2024-36474 affects the GNOME libgsf library (G Structured File Library), specifically the Compound Document Binary File format parser in version 1.14.52. A crafted file can trigger an integer overflow while processing the directory, allowing an out-of-bounds access and potentially ar...
CVE-2024-42415
CVE-2024-42415 is a libgsf (GNOME Structured File Library) vulnerability affecting version 1.14.52, where an integer overflow in the Compound Document Binary File format parser can trigger a heap-based buffer overflow during sector allocation table processing, enabling arbitrary code execution. T...