CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15531
https://notcve.org/view.php?id=CVE-2019-15531
23 Aug 2019 — GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. GNU Libextractor hasta la versión 1.9 tiene una sobre-lectura de búfer basada en el montón en la función EXTRACTOR_dvi_extract_method en plugins / dvi_extractor.c. • https://bugs.gnunet.org/view.php?id=5846 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20431 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-20431
24 Dec 2018 — GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c. GNU Libextractor, hasta la versión 1.8, tiene una desreferencia de puntero NULL en la función process_metadata() en plugins/ole2_extractor.c. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://www.securityfocus.com/bid/106300 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20430 – Debian Security Advisory 4361-1
https://notcve.org/view.php?id=CVE-2018-20430
24 Dec 2018 — GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. GNU Libextractor, hasta la versión 1.8, tiene una vulnerabilidad de lectura fuera de límites en la función history_extract() en plugins/ole2_extractor.c, relacionada con EXTRACTOR_common_convert_to_utf8 en common/convert.c. Several vulnerabilities were discovered in libextractor, a library to extract arbitrary met... • http://www.securityfocus.com/bid/106300 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 1CVE-2018-16430 – Debian Security Advisory 4290-1
https://notcve.org/view.php?id=CVE-2018-16430
04 Sep 2018 — GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. GNU Libextractor hasta la versión 1.7 tiene una vulnerabilidad de lectura fuera de límites en EXTRACTOR_zip_extract_method() en zip_extractor.c. Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened. • http://www.securityfocus.com/bid/105254 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-14346 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-14346
17 Jul 2018 — GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). GNU Libextractor en versiones anteriores a la 1.7 tiene un desbordamiento de búfer basado en pila en ec_read_file_func (unzip.c). It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-14347 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-14347
17 Jul 2018 — GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). GNU Libextractor en versiones anteriores a la 1.7 contiene una vulnerabilidad de bucle infinito en EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 5CVE-2017-17440 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-17440
06 Dec 2017 — GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c. GNU Libextractor 1.6 permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL y cierre inesperado de la aplicación) mediante un archivo GIF, IT (Impulse Tr... • http://www.securityfocus.com/bid/102116 • CWE-476: NULL Pointer Dereference •