Lucene search
K

7 matches found

CVE
CVE
added 2017/10/18 9:0 p.m.78 views

CVE-2017-15602

GNU Libextractor 1.4 contains a signedness error in EXTRACTOR_nsfe_extract_method (plugins/nsfe_extractor.c) that can cause an infinite loop when given a crafted chunk size. Affected component is the nsfe_extractor, with the root cause described as an integer signedness issue for chunk size. The ...

7.5CVSS7.2AI score0.01514EPSS
CVE
CVE
added 2017/10/11 5:0 p.m.75 views

CVE-2017-15266

CVE-2017-15266 affects GNU Libextractor 1.4, where a Divide-By-Zero can occur in wav_extractor.c when a zero sample rate is encountered. Public sources in connected docs confirm this as a Libextractor vulnerability with potential denial-of-service implications. Affected advisories reference multi...

5.5CVSS6.1AI score0.01441EPSS
CVE
CVE
added 2017/10/18 9:0 p.m.70 views

CVE-2017-15601

CVE-2017-15601: In GNU Libextractor 1.4, there is a heap-based buffer overflow in EXTRACTOR_png_extract_method (plugins/png_extractor.c), related to processiTXt and stndup. Affected as part of Libextractor vulnerabilities tracked across USN/DLA advisories and CNVD entry; impacts include potential...

7.5CVSS7.5AI score0.01648EPSS
CVE
CVE
added 2017/10/11 5:0 p.m.67 views

CVE-2017-15267

CVE-2017-15267 involves a NULL pointer dereference in flac_metadata within flac_extractor.c of GNU Libextractor 1.4. Connected advisories (Ubuntu USN-4641-1, Debian DLA-1198-1, OSV/OPENVAS entries) confirm this Libextractor vulnerability and list CVE-2017-15267 among affected issues; some sources...

7.5CVSS7.3AI score0.02613EPSS
CVE
CVE
added 2017/10/18 9:0 p.m.67 views

CVE-2017-15600

CVE-2017-15600 affects GNU Libextractor version 1.4 and involves a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function (plugins/nsf_extractor.c). The issue can cause a denial of service via a crash when processing certain inputs. The initial description and connected documents c...

7.5CVSS7.3AI score0.02094EPSS
CVE
CVE
added 2017/12/06 5:0 p.m.67 views

CVE-2017-17440

CVE-2017-17440 affects GNU Libextractor 1.6, where processing crafted GIF, IT, NSFE, S3M, SID, or XM files can trigger a NULL pointer dereference and crash (denial of service). Multiple advisories confirm the vulnerability in Libextractor 1.6 and note upstream fixes; a Debian/Arch/Mageia/Fedora/U...

6.5CVSS6.1AI score0.0236EPSS
CVE
CVE
added 2017/10/26 6:0 p.m.64 views

CVE-2017-15922

CVE-2017-15922 is an out-of-bounds read vulnerability in GNU Libextractor. The flaw affects the DVI extractor (EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c), enabling a crafted DVI input to crash the application (DoS) or potentially impact stability. Public sources in the connected doc...

5.5CVSS6.1AI score0.01313EPSS