Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-03-01 CVE-2017-5976 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5975 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5974 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-119
5.5
5.5
2017-03-01 CVE-2017-5886 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4
Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
podofo-project CWE-119
7.8
7.8
2017-03-01 CVE-2017-5855 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4
The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
5.5
2017-03-01 CVE-2017-5854 NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.4
base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
local
low complexity
podofo-project CWE-476
5.5
5.5
2017-03-01 CVE-2017-5853 Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.4
Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.
local
low complexity
podofo-project CWE-190
7.8
7.8
2017-03-01 CVE-2017-5852 Infinite Loop vulnerability in Podofo Project Podofo 0.9.4
The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file.
local
low complexity
podofo-project CWE-835
5.5
5.5
2017-03-01 CVE-2017-5851 NULL Pointer Dereference vulnerability in Mp3Splt Project Mp3Splt 2.6.2
The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
local
low complexity
mp3splt-project CWE-476
5.5
5.5
2017-03-01 CVE-2017-5666 Use After Free vulnerability in Mp3Splt Project Mp3Splt 2.6.2
The free_options function in options_manager.c in mp3splt 2.6.2 allows remote attackers to cause a denial of service (invalid free and crash) via a crafted file.
local
low complexity
mp3splt-project CWE-416
5.5
5.5