CVE-2018-14346
https://notcve.org/view.php?id=CVE-2018-14346
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
• http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html
• https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e
• https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html
• https://www.debian.org/security/2018/dsa-4290
• CWE-787: Out-of-bounds Write
CVE-2017-17440
https://notcve.org/view.php?id=CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.
• http://www.securityfocus.com/bid/102116
• https://bugs.debian.org/883528#35
• https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e
• https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html
• https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html
• https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html
• https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html
• https://lists.gnu.org/archive/
• CWE-476: NULL Pointer Dereference
CVE-2017-15922
https://notcve.org/view.php?id=CVE-2017-15922
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.
• http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html
• http://www.securityfocus.com/bid/101595
• https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
• CWE-125: Out-of-bounds Read
CVE-2017-15602
https://notcve.org/view.php?id=CVE-2017-15602
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
• http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
• https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
• https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-15601
https://notcve.org/view.php?id=CVE-2017-15601
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.
• http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html
• https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
• https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer