Vulnerabilities > Unadf Project

DATE CVE VULNERABILITY TITLE RISK
2016-10-03 CVE-2016-1244 Improper Input Validation vulnerability in multiple products
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
network
low complexity
unadf-project debian CWE-20
8.8
2016-10-03 CVE-2016-1243 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
network
low complexity
debian unadf-project CWE-119
critical
9.8