![]() NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. Stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.Ī double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. ![]() There is an invalid memory access in the TextLine class in in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. It can be triggered by sending a crafted PDF file to (for example) the pdfimages binary. There is a use-after-free issue in JBIG2Stream::close() located in in Xpdf 4.04. It can be triggered by sending a crafted HTML file to the w3m binary. There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. This issue is different from CVE-2018-20230. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.Īn issue was discovered in PSPP 1.6.2. ![]() The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.Ī Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.Īn issue was discovered in PSPP 1.6.2. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The impact depends on the privileges of the attacker. OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |