CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15938 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15938
27 Oct 2017 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). dwarf2.c en la librería Binary File Descriptor (BFD) (también conocida como libbfd), tal y como viene distribuido en GNU Binutils 2.29, calcula de manera incorrecta las refe... • http://www.securityfocus.com/bid/101610 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15922 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15922
26 Oct 2017 — In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. En GNU Libextractor 1.4, existe una lectura fuera de límites en la función EXTRACTOR_dvi_extract_method function en plugins/dvi_extractor.c. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 18%CPEs: 3EXPL: 0CVE-2017-13090 – GNU Wget: heap overflow in HTTP protocol handling
https://notcve.org/view.php?id=CVE-2017-13090
26 Oct 2017 — The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to read the chunk in pieces of 8192 bytes by using the MIN() macro, but ends up passing the negative chunk length to retr.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_... • http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.3EPSS: 37%CPEs: 3EXPL: 2CVE-2017-13089 – GNU Wget: stack overflow in HTTP protocol handling
https://notcve.org/view.php?id=CVE-2017-13089
26 Oct 2017 — The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk ... • https://github.com/mzeyong/CVE-2017-13089 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15601 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15601
18 Oct 2017 — In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. En GNU Libextractor 1.4, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función EXTRACTOR_png_extract_method en plugins/png_extractor.c, relacionado con processiTXt y stndup. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of servi... • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15600
https://notcve.org/view.php?id=CVE-2017-15600
18 Oct 2017 — In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. En GNU Libextractor 1.4, hay una desreferencia de puntero NULL en la función EXTRACTOR_nsf_extract_method de plugins/nsf_extractor.c. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15602 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15602
18 Oct 2017 — In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size. En GNU Libextractor 1.4, hay un error en la propiedad signedness de un número entero para el tamaño de fragmento en la función EXTRACTOR_nsfe_extract_method en plugins/nsfe_extractor.c, lo que conduce a un bucle infinito para un tamaño manipulado. It was discovered that Libextractor incorrectly handled zero... • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2011-5320
https://notcve.org/view.php?id=CVE-2011-5320
18 Oct 2017 — scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. La función scanf y las funciones relacionadas en glibc en versiones anteriores a la 2.15 permiten que usuarios locales provoquen una denegación de servicio (fallo de segmentación) mediante una larga cadena de ceros. • http://www.openwall.com/lists/oss-security/2015/03/12/14 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15266 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15266
11 Oct 2017 — In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate. En GNU Libextractor 1.4, hay una vulnerabilidad de división entre cero en EXTRACTOR_wav_extract_method en wav_extractor.c a través de una tasa de muestreo cero. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html • CWE-369: Divide By Zero •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15267 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15267
11 Oct 2017 — In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. En GNU Libextractor 1.4, existe una desreferencia de puntero NULL en flac_metadata en flac_extractor.c. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html • CWE-476: NULL Pointer Dereference •