CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15601
https://notcve.org/view.php?id=CVE-2017-15601
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. En GNU Libextractor 1.4, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función EXTRACTOR_png_extract_method en plugins/png_extractor.c, relacionado con processiTXt y stndup. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15600
https://notcve.org/view.php?id=CVE-2017-15600
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. En GNU Libextractor 1.4, hay una desreferencia de puntero NULL en la función EXTRACTOR_nsf_extract_method de plugins/nsf_extractor.c. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html https://bugzilla.redhat.com/show_bug.cgi?id=1501695 https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2011-5320
https://notcve.org/view.php?id=CVE-2011-5320
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. La función scanf y las funciones relacionadas en glibc en versiones anteriores a la 2.15 permiten que usuarios locales provoquen una denegación de servicio (fallo de segmentación) mediante una larga cadena de ceros. • http://www.openwall.com/lists/oss-security/2015/03/12/14 https://bugzilla.redhat.com/show_bug.cgi?id=1196745 https://marc.info/?l=gimp-developer&m=129567990905823&w=2 https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4 https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0 https://sourceware.org/git/? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15267
https://notcve.org/view.php?id=CVE-2017-15267
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c. En GNU Libextractor 1.4, existe una desreferencia de puntero NULL en flac_metadata en flac_extractor.c. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html http://openwall.com/lists/oss-security/2017/10/11/1 http://www.securityfocus.com/bid/101272 https://bugzilla.redhat.com/show_bug.cgi?id=1499600 https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15266
https://notcve.org/view.php?id=CVE-2017-15266
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate. En GNU Libextractor 1.4, hay una vulnerabilidad de división entre cero en EXTRACTOR_wav_extract_method en wav_extractor.c a través de una tasa de muestreo cero. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html http://openwall.com/lists/oss-security/2017/10/11/1 http://www.securityfocus.com/bid/101271 https://bugzilla.redhat.com/show_bug.cgi?id=1499599 https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html • CWE-369: Divide By Zero •