4 matches found
CVE-2018-15158
CVE-2018-15158 affects the libesedb project: the function libesedb_page_read_values in libesedb_page.c can be invoked by a crafted esedb file to trigger a heap-based buffer over-read. Affected versions are those prior to 2018-04-01. The vendor has disputed the issue (per GitHub issue comments). T...
CVE-2018-15160
CVE-2018-15160 affects the libesedb project: the vulnerability is in the function libesedb_catalog_definition_read in libesedb_catalog_definition.c , which may cause a heap-based buffer over-read when processing a crafted esedb file. Affected versions are stated as before 2018-04-01. The vendor d...
CVE-2018-15159
The vulnerability CVE-2018-15159 affects libesedb: versions prior to 2018-04-01; root cause is a flaw in the libesedb_page_read_tags function within libesedb_page.c that allows a heap-based buffer over-read when processing crafted esedb files. The issue is disputed by the vendor. Impact details p...
CVE-2018-15161
CVE-2018-15161 affects libesedb, specifically the libesedb_key_append_data function in libesedb_key.c, with a heap-based buffer over-read triggered by a crafted esedb file. The issue exists in libesedb up to 2018-04-01; the vendor has disputed the claim per GitHub issue comments. Connected source...