CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15600
https://notcve.org/view.php?id=CVE-2017-15600
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. En GNU Libextractor 1.4, hay una desreferencia de puntero NULL en la función EXTRACTOR_nsf_extract_method de plugins/nsf_extractor.c. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html https://bugzilla.redhat.com/show_bug.cgi?id=1501695 https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15267
https://notcve.org/view.php?id=CVE-2017-15267
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. En GNU Libextractor 1.4, existe una desreferencia de puntero NULL en flac_metadata en flac_extractor.c. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html http://openwall.com/lists/oss-security/2017/10/11/1 http://www.securityfocus.com/bid/101272 https://bugzilla.redhat.com/show_bug.cgi?id=1499600 https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15266
https://notcve.org/view.php?id=CVE-2017-15266
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate. En GNU Libextractor 1.4, hay una vulnerabilidad de división entre cero en EXTRACTOR_wav_extract_method en wav_extractor.c a través de una tasa de muestreo cero. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html http://openwall.com/lists/oss-security/2017/10/11/1 http://www.securityfocus.com/bid/101271 https://bugzilla.redhat.com/show_bug.cgi?id=1499599 https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-369: Divide By Zero •
CVSS: 4.0EPSS: 24%CPEs: 1EXPL: 3CVE-2006-2458 – libextractor 0.5.13 - Multiple Heap Overflows (PoC)
https://notcve.org/view.php?id=CVE-2006-2458
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c). • https://www.exploit-db.com/exploits/1801 http://gnunet.org/libextractor http://secunia.com/advisories/20150 http://secunia.com/advisories/20160 http://secunia.com/advisories/20326 http://secunia.com/advisories/20457 http://securityreason.com/securityalert/916 http://securitytracker.com/id?1016118 http://www.debian.org/security/2006/dsa-1081 http://www.gentoo.org/security/en/glsa/glsa-200605-14.xml http://www.novell.com/linux/security/advisories/2006-06-02.html http:/& •
CVSS: 7.6EPSS: 0%CPEs: 39EXPL: 0CVE-2006-1244
https://notcve.org/view.php?id=CVE-2006-1244
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. • http://secunia.com/advisories/18948 http://secunia.com/advisories/19021 http://secunia.com/advisories/19065 http://secunia.com/advisories/19091 http://secunia.com/advisories/19164 http://secunia.com/advisories/19364 http://secunia.com/advisories/19644 http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz http://www.debian.org/security/2006/dsa-1019 http://www.debian.org/security/2006/dsa-979 http://www.debian.org/security&#x •