CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13738 – liblouis: Illegal address access in the _lou_getALine function
https://notcve.org/view.php?id=CVE-2017-13738
There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. Existe un acceso ilegal a direcciones en la función _lou_getALine en compileTranslationTable.c:346 en Liblouis 3.2.0. Multiple flaws were found in the processing of translation tables in liblouis. An attacker could crash or potentially execute arbitrary code using malicious translation tables. • http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484297 https://access.redhat.com/security/cve/CVE-2017-13738 https://bugzilla.redhat.com/show_bug.cgi?id=1488933 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2017-13739
https://notcve.org/view.php?id=CVE-2017-13739
There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. It will lead to denial of service or remote code execution. Existe un desbordamiento de búfer basado en montículos que hace que se escriban más de dos mil bytes fuera de los límites en Liblouis 3.2.0 que se desencadena en la función resolveSubtable() en compileTranslationTable.c. Esto provocaría una denegación de servicio o una ejecución remota de código. • http://www.securityfocus.com/bid/100607 https://bugzilla.redhat.com/show_bug.cgi?id=1484299 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •