CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-15531
https://notcve.org/view.php?id=CVE-2019-15531
23 Aug 2019 — GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. GNU Libextractor hasta la versión 1.9 tiene una sobre-lectura de búfer basada en el montón en la función EXTRACTOR_dvi_extract_method en plugins / dvi_extractor.c. • https://bugs.gnunet.org/view.php?id=5846 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20431 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-20431
24 Dec 2018 — GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c. GNU Libextractor, hasta la versión 1.8, tiene una desreferencia de puntero NULL en la función process_metadata() en plugins/ole2_extractor.c. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://www.securityfocus.com/bid/106300 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20430 – Debian Security Advisory 4361-1
https://notcve.org/view.php?id=CVE-2018-20430
24 Dec 2018 — GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. GNU Libextractor, hasta la versión 1.8, tiene una vulnerabilidad de lectura fuera de límites en la función history_extract() en plugins/ole2_extractor.c, relacionada con EXTRACTOR_common_convert_to_utf8 en common/convert.c. Several vulnerabilities were discovered in libextractor, a library to extract arbitrary met... • http://www.securityfocus.com/bid/106300 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 1CVE-2018-16430 – Debian Security Advisory 4290-1
https://notcve.org/view.php?id=CVE-2018-16430
04 Sep 2018 — GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. GNU Libextractor hasta la versión 1.7 tiene una vulnerabilidad de lectura fuera de límites en EXTRACTOR_zip_extract_method() en zip_extractor.c. Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened. • http://www.securityfocus.com/bid/105254 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-14346 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-14346
17 Jul 2018 — GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). GNU Libextractor en versiones anteriores a la 1.7 tiene un desbordamiento de búfer basado en pila en ec_read_file_func (unzip.c). It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-14347 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-14347
17 Jul 2018 — GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). GNU Libextractor en versiones anteriores a la 1.7 contiene una vulnerabilidad de bucle infinito en EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15922 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15922
26 Oct 2017 — In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c. En GNU Libextractor 1.4, existe una lectura fuera de límites en la función EXTRACTOR_dvi_extract_method function en plugins/dvi_extractor.c. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15601 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15601
18 Oct 2017 — In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup. En GNU Libextractor 1.4, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función EXTRACTOR_png_extract_method en plugins/png_extractor.c, relacionado con processiTXt y stndup. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of servi... • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-15600
https://notcve.org/view.php?id=CVE-2017-15600
18 Oct 2017 — In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c. En GNU Libextractor 1.4, hay una desreferencia de puntero NULL en la función EXTRACTOR_nsf_extract_method de plugins/nsf_extractor.c. • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-15602 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2017-15602
18 Oct 2017 — In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size. En GNU Libextractor 1.4, hay un error en la propiedad signedness de un número entero para el tamaño de fragmento en la función EXTRACTOR_nsfe_extract_method en plugins/nsfe_extractor.c, lo que conduce a un bucle infinito para un tamaño manipulado. It was discovered that Libextractor incorrectly handled zero... • http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •