Vulnerabilities > CVE-2019-9656 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
libofx-project
debian
canonical
CWE-476
nessus

Summary

An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.

Vulnerable Configurations

Part Description Count
Application
Libofx_Project
1
OS
Debian
1
OS
Canonical
1

Common Weakness Enumeration (CWE)

Nessus

NASL familyDebian Local Security Checks
NASL idDEBIAN_DLA-2001.NASL
descriptionThere is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump. For Debian 8
last seen2020-06-01
modified2020-06-02
plugin id131246
published2019-11-25
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/131246
titleDebian DLA-2001-1 : libofx security update