![]() ![]() The previous patch of () fixed the vulnerability when attr_type did not match the enum value, but there are also vulnerabilities in the handling of other valid cases. Referring to (), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets. Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. No known patches or workarounds exist at time of publication. Exploitation of the vulnerability can be triggered when the configuration file `nf` sets the value of `loglevel `to `DEBUG`. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. OpenPrinting CUPS is an open source printing system. Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. This vulnerability allows attackers to cause a Denial of Service (DoS) when parsing a private key. An attacker could exploit this vulnerability to cause a denial of service attack.ĪxTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.Ī heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. ![]() A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.Ī heap buffer overflow vulnerability exists in NanoMQ 0.17.2. NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the conn_handler function of mqtt_parser.c when it processes malformed messages.Ī heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. Fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c. ![]()
0 Comments
Leave a Reply. |