19 matches found
CVE-2017-12950
The CVE-2017-12950 entry concerns libgig 4.0.0: the gig::Region::Region function in gig.cpp is vulnerable to a crafted gig file, allowing remote attackers to trigger a denial of service via a NULL pointer dereference and application crash. Public references concur on a DoS impact, with CVSS infor...
CVE-2021-32294
CVE-2021-32294 affects libgig, with a heap-buffer-overflow in RIFF.cpp:RIFF::List::GetSubList leading to potential code execution. The issue is documented across multiple advisories (NVD, Debian, Red Hat, CNVD, OSV, CNVD variants) as existing up to 20200507. Public details describe the vulnerable...
CVE-2018-14453
CVE-2018-14453 affects libgig 4.1.0 with a heap-based buffer overflow in pData[1] access within the store16 function in helper.h. Supported documents consistently describe the vulnerability as a heap overflow; exploitation details, affected products/versions beyond 4.1.0, and fixes are not provid...
CVE-2018-18192
CVE-2018-18192 affects libgig 4.1.0. The vulnerability is a NULL pointer dereference in DLS::File::GetFirstSample() within DLS.cpp, which can lead to a crash and potential denial of service as described across multiple advisories. The connected documents consistently identify the same root cause ...
CVE-2018-18193
The CVE-2018-18193 issue affects libgig 4.1.0, specifically a heap allocation failure in DLS.cpp via DLS::File::File caused by a large pWavePoolTable heap request (operator new[]). The Red Hat, SUSE, Debian, Ubuntu, and OSV entries all reflect the same underlying flaw. No remediation/patch detail...
CVE-2018-14457
CVE-2018-14457 concerns libgig 4.1.0, with an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp. Connected sources consistently describe this vulnerability in libgig 4.1.0 and reference the same root cause; no public exploit details are provided in the documents, and remediat...
CVE-2018-18195
CVE-2018-18195 concerns libgig 4.1.0, where an FPE (divide-by-zero) occurs in DLS::Sample::Sample within DLS.cpp. The available sources consistently describe a fault in the Sample object construction that can trigger a division-by-zero condition. The materials do not specify affected platforms be...
CVE-2018-14455
The CVE-2018-14455 issue affects libgig 4.1.0, where an out-of-bounds write occurs in pData[0] access within the store32 function in helper.h. Multiple connected sources corroborate this exact flaw. One CNVD-2018-15168 description further notes that an attacker could exploit this by tricking a us...
CVE-2018-14458
CVE-2018-14458 affects libgig 4.1.0. The vulnerability is a heap-based buffer overflow in pData[1] access within the store32 function in helper.h. Some connected sources describe this as enabling arbitrary code execution when a user is tricked into opening a crafted file (per CNVD-2018-15171). Th...
CVE-2018-14450
CVE-2018-14450 affects libgig 4.1.0. The vulnerability is an out-of-bounds read in the update chunks of dimensional regions feature, specifically gig::Region::UpdateChunks in gig.cpp. Multiple sources (CNVD-2018-15177, SUSE SUSEVE, NVD, OSV variants) describe this flaw; some notes mention a poten...
CVE-2018-14451
CVE-2018-14451 affects libgig 4.1.0. A heap-based buffer overflow occurs in RIFF::Chunk::Read (RIFF.cpp). Some sources (CNVD-2018-15176) state an attacker could exploit by tricking a user into opening a crafted file to execute arbitrary code. Other linked advisories reiterate the heap overflow in...
CVE-2018-14454
CVE-2018-14454 affects libgig 4.1.0, due to an out-of-bounds read in RIFF::Chunk::Read (RIFF.cpp). Impact described as potential data exposure/integrity hazard; exploitation details are not provided in the supplied documents. No remediation/fix version is specified in the provided data; monitor f...
CVE-2018-14459
CVE-2018-14459 affects libgig 4.1.0. The vulnerability is an out-of-bounds write in pData[0] access within the store16 function in helper.h. Multiple connected sources (NVD, Ubuntu, OSV, CNVD, SUSE, Nessus/NASL context, etc.) corroborate the same issue. No exploit details or patch/version remedia...
CVE-2018-14452
libgig 4.1.0 contains an out-of-bounds read in gig.cpp within gig::Region::UpdateChunks (the “always assign the sample of the first dimension region of this region” path). Connected sources (CNVD/OSV/SUSE/UBUNTU/NVD) consistently describe this vulnerability as an out-of-bounds read in libgig 4.1....
CVE-2018-14456
CVE-2018-14456 affects libgig 4.1.0. The vulnerability is an out-of-bounds write in DLS.cpp within DLS::Info::SaveString. The available documents confirm the affected component and method but do not provide remediation details, affected platforms beyond libgig 4.1.0, or explicit exploitation info...
CVE-2018-18197
CVE-2018-18197 affects libgig 4.1.0; the issue is an operator new[] failure caused by a large pSampleLoops heap request in DLS.cpp (DLS::Sampler::Sampler). This can cause allocation failure and potential impact on affected systems. Multiple sources (Red Hat, SUSE, NVD, OSV, Ubuntu, Nessus) docume...
CVE-2018-14449
CVE-2018-14449 affects libgig 4.1.0, with an out-of-bounds read in gig::File::UpdateChunks (gig.cpp). The connected documents confirm this specific root cause and affected component. The vulnerability details describe the erroneous memory access but do not provide explicit exploitation conditions...
CVE-2018-18196
CVE-2018-18196 affects libgig 4.1.0, with a heap-based buffer over-read in RIFF::List::GetListTypeString (RIFF.cpp). The issue is consistently described across multiple connected sources (Red Hat, SUSE, OSV, Debian/Ubuntu variants, NVD). CVSSv3 base score is 8.8 (Network, low attack complexity, p...
CVE-2018-18194
CVE-2018-18194 affects libgig 4.1.0, with a heap-based buffer over-read in DLS::Region::GetSample() implemented in DLS.cpp. The issue, reported across Red Hat, SUSE, OSV, NVD and other feeds, does not include publicly documented exploit details in the provided sources. CVSS metrics in the record ...