» 2017 » 9월

CVE-2017-14930

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14930

Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.

Source: CVE-2017-14930

CVE-2017-14929

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14929

In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.

Source: CVE-2017-14929

CVE-2017-14938

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14938

_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.

Source: CVE-2017-14938

CVE-2017-14926

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14926

In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document.

Source: CVE-2017-14926

CVE-2017-14932

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14932

decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.

Source: CVE-2017-14932

CVE-2017-14931

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14931

ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted JPEG file.

Source: CVE-2017-14931

CVE-2017-14940

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14940

scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file.

Source: CVE-2017-14940

CVE-2017-14927

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14927

In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document.

Source: CVE-2017-14927

CVE-2017-14928

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14928

In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.

Source: CVE-2017-14928

CVE-2017-14942

Posted on 2017년 9월 30일2017년 9월 30일 by admin

CVE-2017-14942

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie.

Source: CVE-2017-14942