The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2017-11613 | In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer. | MEDIUM | Jul 26, 2017 | 10.17.41.11 (Wind River Linux LTS 17) |
CVE-2017-9611 | The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | MEDIUM | Jul 26, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-9612 | The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. | MEDIUM | Jul 26, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-9726 | The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | MEDIUM | Jul 26, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-9727 | The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | MEDIUM | Jul 26, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-9739 | The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.22 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | MEDIUM | Jul 26, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-9835 | The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.22 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c. | MEDIUM | Jul 26, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-11333 | The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. | Medium | Aug 4, 2017 | 10.17.41.15 (Wind River Linux LTS 17) |
CVE-2017-11714 | psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. | Medium | Aug 4, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12424 | In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts. | HIGH | Aug 4, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12588 | The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | HIGH | Aug 6, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12448 | The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12449 | The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12450 | The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12451 | The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12452 | The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12453 | The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12454 | The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12455 | The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12456 | The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12457 | The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12458 | The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12459 | The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. | Medium | Aug 7, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12600 | OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (CPU consumption) issue, as demonstrated by the 11-opencv-dos-cpu-exhaust test case. | High | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12601 | OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12602 | OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case. | High | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12603 | OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12604 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12605 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12606 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12678 | In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | MEDIUM | Aug 7, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12597 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread. | Medium | Aug 8, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12598 | OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. | Medium | Aug 8, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-11368 | In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. | MEDIUM | Aug 9, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-1000099 | When asking to get a file from a file:// URL, libcurl provides a feature that outputs meta-data about the file using HTTP-like headers. The code doing this would send the wrong buffer to the user (stdout or the application\'s provide callback), which could lead to other private data from the heap to get inadvertently displayed. The wrong buffer was an uninitialized memory area allocated on the heap and if it turned out to not contain any zero byte, it would continue and display the data following that buffer in memory. We are not aware of any exploit of this flaw. | MEDIUM | Aug 10, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-1000100 | When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The sendto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn\'t restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl\'s redirect protocols with --proto-redir and libcurl\'s with CURLOPT_REDIR_PROTOCOLS. We are not aware of any exploit of this flaw. | MEDIUM | Aug 10, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-1000101 | curl supports \"globbing\" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be http://ur%20[0-60000000000000000000. We are not aware of any exploit of this flaw. | MEDIUM | Aug 10, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12799 | The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | MEDIUM | Aug 10, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-9800 | A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server\'s repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. | HIGH | Aug 12, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-11185 | The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. | MEDIUM | Aug 18, 2017 | 10.17.41.6 (Wind River Linux LTS 17) |
CVE-2017-12944 | The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation. | MEDIUM | Aug 18, 2017 | 10.17.41.13 (Wind River Linux LTS 17) |
CVE-2017-12967 | The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary. | Medium | Aug 21, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-12862 | In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12863 | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has a integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-12864 | In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | Medium | Aug 21, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13710 | The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | MEDIUM | Aug 27, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-13685 | The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. | Medium | Aug 30, 2017 | 10.17.41.1 (Wind River Linux LTS 17) |
CVE-2017-13716 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | High | Aug 30, 2017 | 10.17.41.7 (Wind River Linux LTS 17) |
CVE-2017-13733 | There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack. | Medium | Aug 30, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |
CVE-2017-3735 | While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL since then. | MEDIUM | Aug 30, 2017 | 10.17.41.5 (Wind River Linux LTS 17) |