3 results (0.002 seconds)

CVSS: 5.1EPSS: 0%CPEs: 16EXPL: 5

Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed. • https://www.exploit-db.com/exploits/25429 https://github.com/tagatac/libsafe-CVE-2005-1125 http://www.overflow.pl/adv/libsafebypass.txt http://www.securityfocus.com/archive/1/395999 http://www.securityfocus.com/bid/13190 •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1

The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. Los envolventes de printf() en libsafe 2.0-11 y anteriores no manejan adecuamente especificadores de indización de argumentos, lo que podria permitir a atacantes explotar ciertas llamadas a funciones mediante argumentos no verificados por libsafe. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0070.html http://online.securityfocus.com/archive/1/263121 http://www.iss.net/security_center/static/8594.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-026.php http://www.securityfocus.com/bid/4327 •

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 1

libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. libsafe 2.0-11 y anteriores permiten a atacantes sortear la protección contra vulnerabilidades de cadenas formateadas mediante cadenas formateadas que usan caractéres "|" (tubería) y otros, que están implentados en libc pero no en libsafe. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0070.html http://online.securityfocus.com/archive/1/263121 http://www.iss.net/security_center/static/8593.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-026.php http://www.securityfocus.com/bid/4326 •