CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-15101 – liblouis: incomplete fix for CVE-2014-8184
https://notcve.org/view.php?id=CVE-2017-15101
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution. Se ha detectado que faltaba un parche para un desbordamiento de búfer basado en pila en findTable() en la versión Red Hat de liblouis en versiones anteriores a la la 2.5.4. Un atacante podría provocar una denegación de servicio (DoS) o incluso ejecutar código arbitrario. A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. • https://access.redhat.com/errata/RHSA-2017:3384 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101 https://access.redhat.com/security/cve/CVE-2017-15101 https://bugzilla.redhat.com/show_bug.cgi?id=1511023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8184 – liblouis: stack-based buffer overflow in findTable()
https://notcve.org/view.php?id=CVE-2014-8184
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened. Se encontró una vulnerabilidad en liblouis, versiones 2.5.x anteriores a 2.5.4. Se encontró un desbordamiento de búfer en la región stack de la memoria en la función findTable() en liblouis. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8184 https://github.com/liblouis/liblouis/issues/425 https://access.redhat.com/security/cve/CVE-2014-8184 https://bugzilla.redhat.com/show_bug.cgi?id=1492701 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13743 – liblouis: Buffer overflow in the function _lou_showString()
https://notcve.org/view.php?id=CVE-2017-13743
There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack. Existe un desbordamiento de búfer en Liblouis 3.2.0 que se desencadena en la función _lou_showString() en utils.c que provocaría un ataque de denegación de servicio remoto. • http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484335 https://access.redhat.com/security/cve/CVE-2017-13743 https://bugzilla.redhat.com/show_bug.cgi?id=1488942 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13741 – liblouis: Use-after-free in the function compileBrailleIndicator()
https://notcve.org/view.php?id=CVE-2017-13741
There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack. Existe una vulnerabilidad de uso después de liberación de memoria (use-after-free) en la función compileTranslationTable.c en Liblouis 3.2.0 que podría acabar en un ataque de denegación de servicio remoto. • http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484332 https://access.redhat.com/security/cve/CVE-2017-13741 https://bugzilla.redhat.com/show_bug.cgi?id=1488938 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13744 – liblouis: Illegal address access in the _lou_getALine() function
https://notcve.org/view.php?id=CVE-2017-13744
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0. Existe un acceso ilegal a direcciones en la función _lou_getALine() en compileTranslationTable.c:343 en Liblouis 3.2.0. • http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484338 https://access.redhat.com/security/cve/CVE-2017-13744 https://bugzilla.redhat.com/show_bug.cgi?id=1488935 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •