CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-15101 – liblouis: incomplete fix for CVE-2014-8184
https://notcve.org/view.php?id=CVE-2017-15101
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution. Se ha detectado que faltaba un parche para un desbordamiento de búfer basado en pila en findTable() en la versión Red Hat de liblouis en versiones anteriores a la la 2.5.4. Un atacante podría provocar una denegación de servicio (DoS) o incluso ejecutar código arbitrario. A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. • https://access.redhat.com/errata/RHSA-2017:3384 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101 https://access.redhat.com/security/cve/CVE-2017-15101 https://bugzilla.redhat.com/show_bug.cgi?id=1511023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8184 – liblouis: stack-based buffer overflow in findTable()
https://notcve.org/view.php?id=CVE-2014-8184
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened. Se encontró una vulnerabilidad en liblouis, versiones 2.5.x anteriores a 2.5.4. Se encontró un desbordamiento de búfer en la región stack de la memoria en la función findTable() en liblouis. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8184 https://github.com/liblouis/liblouis/issues/425 https://access.redhat.com/security/cve/CVE-2014-8184 https://bugzilla.redhat.com/show_bug.cgi?id=1492701 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2017-13739
https://notcve.org/view.php?id=CVE-2017-13739
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution. Existe un desbordamiento de búfer basado en montículos que hace que se escriban más de dos mil bytes fuera de los límites en Liblouis 3.2.0 que se desencadena en la función resolveSubtable() en compileTranslationTable.c. Esto provocaría una denegación de servicio o una ejecución remota de código. • http://www.securityfocus.com/bid/100607 https://bugzilla.redhat.com/show_bug.cgi?id=1484299 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13738 – liblouis: Illegal address access in the _lou_getALine function
https://notcve.org/view.php?id=CVE-2017-13738
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. Existe un acceso ilegal a direcciones en la función _lou_getALine en compileTranslationTable.c:346 en Liblouis 3.2.0. Multiple flaws were found in the processing of translation tables in liblouis. An attacker could crash or potentially execute arbitrary code using malicious translation tables. • http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484297 https://access.redhat.com/security/cve/CVE-2017-13738 https://bugzilla.redhat.com/show_bug.cgi?id=1488933 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13740 – liblouis: Stack-buffer overflow in the parseChars() function
https://notcve.org/view.php?id=CVE-2017-13740
There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact. Existe un desbordamiento de búfer basado en pila en Liblouis 3.2.0 que se desencadena en la función parseChars() en compileTranslationTable.c que provocaría una denegación de servicio o posiblemente otro impacto no especificado. • http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484306 https://access.redhat.com/security/cve/CVE-2017-13740 https://bugzilla.redhat.com/show_bug.cgi?id=1488937 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •