3 matches found
CVE-2016-10195
CVE-2016-10195 affects libevent’s evdns.c name_parse function, where handling of label_len can trigger an out-of-bounds stack read. The vulnerability exists in libevent up to version prior to 2.1.6-beta, and is described as having unspecified impact for remote attackers via the label_len-related ...
CVE-2016-10196
CVE-2016-10196 : A stack-based buffer overflow in libevent’s evutil_parse_sockaddr_port (evutil.c) before 2.1.6-beta allows a crafted long string in ip_as_string to cause a denial-of-service (segmentation fault). Affected software is libevent prior to 2.1.6-beta; the description notes the fix in ...
CVE-2016-10197
CVE-2016-10197 affects libevent’s evdns.c: the search_make_new function in libevent before 2.1.6-beta can trigger an out-of-bounds read via an empty hostname, leading to denial of service. Affected product is libevent (evdns.c); fixed in the 2.1.6-beta release. Several external advisories referen...