Vulnerabilities > CVE-2019-9656 - NULL Pointer Dereference vulnerability in multiple products

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

nessus

NVD

Published: 2019-03-11

Updated: 2023-01-20

Summary

An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.

Vulnerable Configurations

Part	Description	Count
Application	Libofx_Project Libofx Project Libofx 0.9.14	1
OS	Debian Debian Debian Linux 8.0	1
OS	Canonical Canonical Ubuntu Linux 16.04	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DLA-2001.NASL
description	There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump. For Debian 8
last seen	2020-06-01
modified	2020-06-02
plugin id	131246
published	2019-11-25
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131246
title	Debian DLA-2001-1 : libofx security update

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References