CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2019-15531
https://notcve.org/view.php?id=CVE-2019-15531
23 Aug 2019 — GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c. GNU Libextractor hasta la versión 1.9 tiene una sobre-lectura de búfer basada en el montón en la función EXTRACTOR_dvi_extract_method en plugins / dvi_extractor.c. • https://bugs.gnunet.org/view.php?id=5846 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20430 – Debian Security Advisory 4361-1
https://notcve.org/view.php?id=CVE-2018-20430
24 Dec 2018 — GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c. GNU Libextractor, hasta la versión 1.8, tiene una vulnerabilidad de lectura fuera de límites en la función history_extract() en plugins/ole2_extractor.c, relacionada con EXTRACTOR_common_convert_to_utf8 en common/convert.c. Several vulnerabilities were discovered in libextractor, a library to extract arbitrary met... • http://www.securityfocus.com/bid/106300 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20431 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-20431
24 Dec 2018 — GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c. GNU Libextractor, hasta la versión 1.8, tiene una desreferencia de puntero NULL en la función process_metadata() en plugins/ole2_extractor.c. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://www.securityfocus.com/bid/106300 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 1CVE-2018-16430 – Debian Security Advisory 4290-1
https://notcve.org/view.php?id=CVE-2018-16430
04 Sep 2018 — GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. GNU Libextractor hasta la versión 1.7 tiene una vulnerabilidad de lectura fuera de límites en EXTRACTOR_zip_extract_method() en zip_extractor.c. Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened. • http://www.securityfocus.com/bid/105254 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-14346 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-14346
17 Jul 2018 — GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c). GNU Libextractor en versiones anteriores a la 1.7 tiene un desbordamiento de búfer basado en pila en ec_read_file_func (unzip.c). It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-14347 – Ubuntu Security Notice USN-4641-1
https://notcve.org/view.php?id=CVE-2018-14347
17 Jul 2018 — GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). GNU Libextractor en versiones anteriores a la 1.7 contiene una vulnerabilidad de bucle infinito en EXTRACTOR_mpeg_extract_method (mpeg_extractor.c). It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. • http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 3%CPEs: 39EXPL: 0CVE-2006-1244
https://notcve.org/view.php?id=CVE-2006-1244
15 Mar 2006 — Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE... • http://secunia.com/advisories/18948 •