Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
26 vulnerabilities found for libextractor by gnu
CVE-2019-15531 (GCVE-0-2019-15531)
Vulnerability from cvelistv5 – Published: 2019-08-23 16:03 – Updated: 2024-08-05 00:49
VLAI
Summary
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugs.gnunet.org/view.php?id=5846 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2019… | mailing-listx_refsource_MLIST |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:49:13.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.gnunet.org/view.php?id=5846"
},
{
"name": "[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00038.html"
},
{
"name": "FEDORA-2019-62b65ed7f6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/"
},
{
"name": "FEDORA-2019-5628767261",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MUJWNWDGGXQLTNQNELKERJ7DLW7E22BK/"
},
{
"name": "FEDORA-2019-b467cab3c8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV5YBIS2UUNUUKQOEKDWUKEEWJIKWFMZ/"
},
{
"name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00016.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-26T21:06:31.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.gnunet.org/view.php?id=5846"
},
{
"name": "[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00038.html"
},
{
"name": "FEDORA-2019-62b65ed7f6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/"
},
{
"name": "FEDORA-2019-5628767261",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MUJWNWDGGXQLTNQNELKERJ7DLW7E22BK/"
},
{
"name": "FEDORA-2019-b467cab3c8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV5YBIS2UUNUUKQOEKDWUKEEWJIKWFMZ/"
},
{
"name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00016.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.gnunet.org/view.php?id=5846",
"refsource": "MISC",
"url": "https://bugs.gnunet.org/view.php?id=5846"
},
{
"name": "[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00038.html"
},
{
"name": "FEDORA-2019-62b65ed7f6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/"
},
{
"name": "FEDORA-2019-5628767261",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MUJWNWDGGXQLTNQNELKERJ7DLW7E22BK/"
},
{
"name": "FEDORA-2019-b467cab3c8",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DV5YBIS2UUNUUKQOEKDWUKEEWJIKWFMZ/"
},
{
"name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00016.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15531",
"datePublished": "2019-08-23T16:03:07.000Z",
"dateReserved": "2019-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:49:13.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20430 (GCVE-0-2018-20430)
Vulnerability from cvelistv5 – Published: 2018-12-24 05:00 – Updated: 2024-08-05 11:58
VLAI
Summary
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2018/dsa-4361 | vendor-advisoryx_refsource_DEBIAN |
| https://gnunet.org/git/libextractor.git/tree/ChangeLog | x_refsource_MISC |
| http://www.securityfocus.com/bid/106300 | vdb-entryx_refsource_BID |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| https://gnunet.org/bugs/view.php?id=5493 | x_refsource_MISC |
Date Public
2018-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:19.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106300"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-29T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106300"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"name": "https://gnunet.org/git/libextractor.git/tree/ChangeLog",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "106300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106300"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110"
},
{
"name": "https://gnunet.org/bugs/view.php?id=5493",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20430",
"datePublished": "2018-12-24T05:00:00.000Z",
"dateReserved": "2018-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:58:19.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20431 (GCVE-0-2018-20431)
Vulnerability from cvelistv5 – Published: 2018-12-24 05:00 – Updated: 2024-08-05 11:58
VLAI
Summary
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://gnunet.org/bugs/view.php?id=5494 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2018/dsa-4361 | vendor-advisoryx_refsource_DEBIAN |
| https://gnunet.org/git/libextractor.git/tree/ChangeLog | x_refsource_MISC |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| http://www.securityfocus.com/bid/106300 | vdb-entryx_refsource_BID |
Date Public
2018-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:19.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5494"
},
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-29T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5494"
},
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gnunet.org/bugs/view.php?id=5494",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5494"
},
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"name": "https://gnunet.org/git/libextractor.git/tree/ChangeLog",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7"
},
{
"name": "106300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20431",
"datePublished": "2018-12-24T05:00:00.000Z",
"dateReserved": "2018-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:58:19.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16430 (GCVE-0-2018-16430)
Vulnerability from cvelistv5 – Published: 2018-09-04 00:00 – Updated: 2024-08-05 10:24
VLAI
Summary
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4290 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/105254 | vdb-entryx_refsource_BID |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://gnunet.org/bugs/view.php?id=5405 | x_refsource_MISC |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
Date Public
2018-09-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "105254",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105254"
},
{
"name": "[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00011.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5405"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-12T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "105254",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105254"
},
{
"name": "[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00011.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5405"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4290",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "105254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105254"
},
{
"name": "[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00011.html"
},
{
"name": "https://gnunet.org/bugs/view.php?id=5405",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5405"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16430",
"datePublished": "2018-09-04T00:00:00.000Z",
"dateReserved": "2018-09-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:24:32.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14346 (GCVE-0-2018-14346)
Vulnerability from cvelistv5 – Published: 2018-07-17 15:00 – Updated: 2024-08-05 09:21
VLAI
Summary
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4290 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
Date Public
2018-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:41.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-11T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4290",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14346",
"datePublished": "2018-07-17T15:00:00.000Z",
"dateReserved": "2018-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:21:41.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14347 (GCVE-0-2018-14347)
Vulnerability from cvelistv5 – Published: 2018-07-17 15:00 – Updated: 2024-08-05 09:21
VLAI
Summary
GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4290 | vendor-advisoryx_refsource_DEBIAN |
| https://gnunet.org/bugs/view.php?id=5399 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
Date Public
2018-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:41.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5399"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-11T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5399"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4290",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "https://gnunet.org/bugs/view.php?id=5399",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5399"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14347",
"datePublished": "2018-07-17T15:00:00.000Z",
"dateReserved": "2018-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:21:41.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17440 (GCVE-0-2017-17440)
Vulnerability from cvelistv5 – Published: 2017-12-06 17:00 – Updated: 2024-08-05 20:51
VLAI
Summary
GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| https://bugs.debian.org/883528#35 | x_refsource_MISC |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| http://www.securityfocus.com/bid/102116 | vdb-entryx_refsource_BID |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
Date Public
2017-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.debian.org/883528#35"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html"
},
{
"name": "102116",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102116"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-09T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.debian.org/883528#35"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html"
},
{
"name": "102116",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102116"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html"
},
{
"name": "https://bugs.debian.org/883528#35",
"refsource": "MISC",
"url": "https://bugs.debian.org/883528#35"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html"
},
{
"name": "102116",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102116"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17440",
"datePublished": "2017-12-06T17:00:00.000Z",
"dateReserved": "2017-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:51:31.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15922 (GCVE-0-2017-15922)
Vulnerability from cvelistv5 – Published: 2017-10-26 18:00 – Updated: 2024-08-05 20:04
VLAI
Summary
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/101595 | vdb-entryx_refsource_BID |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
Date Public
2017-10-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:50.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "101595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101595"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15922",
"datePublished": "2017-10-26T18:00:00.000Z",
"dateReserved": "2017-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:04:50.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15600 (GCVE-0-2017-15600)
Vulnerability from cvelistv5 – Published: 2017-10-18 21:00 – Updated: 2024-08-05 19:57
VLAI
Summary
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://ftp.gnu.org/gnu/libextractor/libextractor… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1501695 | x_refsource_MISC |
Date Public
2017-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"name": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15600",
"datePublished": "2017-10-18T21:00:00.000Z",
"dateReserved": "2017-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15601 (GCVE-0-2017-15601)
Vulnerability from cvelistv5 – Published: 2017-10-18 21:00 – Updated: 2024-08-05 19:57
VLAI
Summary
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://ftp.gnu.org/gnu/libextractor/libextractor… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
Date Public
2017-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15601",
"datePublished": "2017-10-18T21:00:00.000Z",
"dateReserved": "2017-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15602 (GCVE-0-2017-15602)
Vulnerability from cvelistv5 – Published: 2017-10-18 21:00 – Updated: 2024-08-05 19:57
VLAI
Summary
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://ftp.gnu.org/gnu/libextractor/libextractor… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
Date Public
2017-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"name": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15602",
"datePublished": "2017-10-18T21:00:00.000Z",
"dateReserved": "2017-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15266 (GCVE-0-2017-15266)
Vulnerability from cvelistv5 – Published: 2017-10-11 17:00 – Updated: 2024-08-05 19:50
VLAI
Summary
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1499599 | x_refsource_MISC |
| http://openwall.com/lists/oss-security/2017/10/11/1 | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/101271 | vdb-entryx_refsource_BID |
Date Public
2017-10-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "101271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101271"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "101271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599"
},
{
"name": "http://openwall.com/lists/oss-security/2017/10/11/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "101271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15266",
"datePublished": "2017-10-11T17:00:00.000Z",
"dateReserved": "2017-10-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15267 (GCVE-0-2017-15267)
Vulnerability from cvelistv5 – Published: 2017-10-11 17:00 – Updated: 2024-08-05 19:50
VLAI
Summary
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/101272 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2017/10/11/1 | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1499600 | x_refsource_MISC |
Date Public
2017-10-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101272"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "101272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101272"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101272"
},
{
"name": "http://openwall.com/lists/oss-security/2017/10/11/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15267",
"datePublished": "2017-10-11T17:00:00.000Z",
"dateReserved": "2017-10-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15531 (GCVE-0-2019-15531)
Vulnerability from nvd – Published: 2019-08-23 16:03 – Updated: 2024-08-05 00:49
VLAI
Summary
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugs.gnunet.org/view.php?id=5846 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2019… | mailing-listx_refsource_MLIST |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:49:13.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.gnunet.org/view.php?id=5846"
},
{
"name": "[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00038.html"
},
{
"name": "FEDORA-2019-62b65ed7f6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/"
},
{
"name": "FEDORA-2019-5628767261",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MUJWNWDGGXQLTNQNELKERJ7DLW7E22BK/"
},
{
"name": "FEDORA-2019-b467cab3c8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV5YBIS2UUNUUKQOEKDWUKEEWJIKWFMZ/"
},
{
"name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00016.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-26T21:06:31.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.gnunet.org/view.php?id=5846"
},
{
"name": "[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00038.html"
},
{
"name": "FEDORA-2019-62b65ed7f6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/"
},
{
"name": "FEDORA-2019-5628767261",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MUJWNWDGGXQLTNQNELKERJ7DLW7E22BK/"
},
{
"name": "FEDORA-2019-b467cab3c8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV5YBIS2UUNUUKQOEKDWUKEEWJIKWFMZ/"
},
{
"name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00016.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.gnunet.org/view.php?id=5846",
"refsource": "MISC",
"url": "https://bugs.gnunet.org/view.php?id=5846"
},
{
"name": "[debian-lts-announce] 20190830 [SECURITY] [DLA 1904-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00038.html"
},
{
"name": "FEDORA-2019-62b65ed7f6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRQUHTSNOCKGRKPRXPUJ6FGTVZ2K5POL/"
},
{
"name": "FEDORA-2019-5628767261",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MUJWNWDGGXQLTNQNELKERJ7DLW7E22BK/"
},
{
"name": "FEDORA-2019-b467cab3c8",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DV5YBIS2UUNUUKQOEKDWUKEEWJIKWFMZ/"
},
{
"name": "[debian-lts-announce] 20211226 [SECURITY] [DLA 2851-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00016.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15531",
"datePublished": "2019-08-23T16:03:07.000Z",
"dateReserved": "2019-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T00:49:13.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20430 (GCVE-0-2018-20430)
Vulnerability from nvd – Published: 2018-12-24 05:00 – Updated: 2024-08-05 11:58
VLAI
Summary
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2018/dsa-4361 | vendor-advisoryx_refsource_DEBIAN |
| https://gnunet.org/git/libextractor.git/tree/ChangeLog | x_refsource_MISC |
| http://www.securityfocus.com/bid/106300 | vdb-entryx_refsource_BID |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| https://gnunet.org/bugs/view.php?id=5493 | x_refsource_MISC |
Date Public
2018-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:19.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106300"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-29T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106300"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"name": "https://gnunet.org/git/libextractor.git/tree/ChangeLog",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "106300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106300"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110"
},
{
"name": "https://gnunet.org/bugs/view.php?id=5493",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20430",
"datePublished": "2018-12-24T05:00:00.000Z",
"dateReserved": "2018-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:58:19.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20431 (GCVE-0-2018-20431)
Vulnerability from nvd – Published: 2018-12-24 05:00 – Updated: 2024-08-05 11:58
VLAI
Summary
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://gnunet.org/bugs/view.php?id=5494 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2018/dsa-4361 | vendor-advisoryx_refsource_DEBIAN |
| https://gnunet.org/git/libextractor.git/tree/ChangeLog | x_refsource_MISC |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| http://www.securityfocus.com/bid/106300 | vdb-entryx_refsource_BID |
Date Public
2018-12-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:58:19.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5494"
},
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-29T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5494"
},
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7"
},
{
"name": "106300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gnunet.org/bugs/view.php?id=5494",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5494"
},
{
"name": "[debian-lts-announce] 20181224 [SECURITY] [DLA 1616-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00015.html"
},
{
"name": "DSA-4361",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4361"
},
{
"name": "https://gnunet.org/git/libextractor.git/tree/ChangeLog",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/tree/ChangeLog"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7"
},
{
"name": "106300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20431",
"datePublished": "2018-12-24T05:00:00.000Z",
"dateReserved": "2018-12-23T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:58:19.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16430 (GCVE-0-2018-16430)
Vulnerability from nvd – Published: 2018-09-04 00:00 – Updated: 2024-08-05 10:24
VLAI
Summary
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4290 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securityfocus.com/bid/105254 | vdb-entryx_refsource_BID |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://gnunet.org/bugs/view.php?id=5405 | x_refsource_MISC |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
Date Public
2018-09-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "105254",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105254"
},
{
"name": "[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00011.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5405"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-12T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "105254",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105254"
},
{
"name": "[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00011.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5405"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4290",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "105254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105254"
},
{
"name": "[debian-lts-announce] 20180911 [SECURITY] [DLA 1501-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00011.html"
},
{
"name": "https://gnunet.org/bugs/view.php?id=5405",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5405"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16430",
"datePublished": "2018-09-04T00:00:00.000Z",
"dateReserved": "2018-09-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:24:32.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14346 (GCVE-0-2018-14346)
Vulnerability from nvd – Published: 2018-07-17 15:00 – Updated: 2024-08-05 09:21
VLAI
Summary
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4290 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
Date Public
2018-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:41.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-11T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4290",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14346",
"datePublished": "2018-07-17T15:00:00.000Z",
"dateReserved": "2018-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:21:41.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14347 (GCVE-0-2018-14347)
Vulnerability from nvd – Published: 2018-07-17 15:00 – Updated: 2024-08-05 09:21
VLAI
Summary
GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4290 | vendor-advisoryx_refsource_DEBIAN |
| https://gnunet.org/bugs/view.php?id=5399 | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
Date Public
2018-07-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:41.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/bugs/view.php?id=5399"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-11T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-4290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/bugs/view.php?id=5399"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4290",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4290"
},
{
"name": "https://gnunet.org/bugs/view.php?id=5399",
"refsource": "MISC",
"url": "https://gnunet.org/bugs/view.php?id=5399"
},
{
"name": "[debian-lts-announce] 20180826 [SECURITY] [DLA-1478-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14347",
"datePublished": "2018-07-17T15:00:00.000Z",
"dateReserved": "2018-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:21:41.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17440 (GCVE-0-2017-17440)
Vulnerability from nvd – Published: 2017-12-06 17:00 – Updated: 2024-08-05 20:51
VLAI
Summary
GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| https://bugs.debian.org/883528#35 | x_refsource_MISC |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| http://www.securityfocus.com/bid/102116 | vdb-entryx_refsource_BID |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
| https://gnunet.org/git/libextractor.git/commit/?i… | x_refsource_MISC |
| https://lists.gnu.org/archive/html/bug-libextract… | x_refsource_MISC |
Date Public
2017-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.debian.org/883528#35"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html"
},
{
"name": "102116",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102116"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-09T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.debian.org/883528#35"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html"
},
{
"name": "102116",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102116"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00005.html"
},
{
"name": "https://bugs.debian.org/883528#35",
"refsource": "MISC",
"url": "https://bugs.debian.org/883528#35"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00001.html"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00000.html"
},
{
"name": "102116",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102116"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00002.html"
},
{
"name": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e",
"refsource": "MISC",
"url": "https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e"
},
{
"name": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-libextractor/2017-11/msg00004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17440",
"datePublished": "2017-12-06T17:00:00.000Z",
"dateReserved": "2017-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:51:31.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15922 (GCVE-0-2017-15922)
Vulnerability from nvd – Published: 2017-10-26 18:00 – Updated: 2024-08-05 20:04
VLAI
Summary
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/101595 | vdb-entryx_refsource_BID |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
Date Public
2017-10-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:50.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101595"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "101595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101595"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101595"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15922",
"datePublished": "2017-10-26T18:00:00.000Z",
"dateReserved": "2017-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:04:50.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15602 (GCVE-0-2017-15602)
Vulnerability from nvd – Published: 2017-10-18 21:00 – Updated: 2024-08-05 19:57
VLAI
Summary
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://ftp.gnu.org/gnu/libextractor/libextractor… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
Date Public
2017-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html"
},
{
"name": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15602",
"datePublished": "2017-10-18T21:00:00.000Z",
"dateReserved": "2017-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15601 (GCVE-0-2017-15601)
Vulnerability from nvd – Published: 2017-10-18 21:00 – Updated: 2024-08-05 19:57
VLAI
Summary
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://ftp.gnu.org/gnu/libextractor/libextractor… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
Date Public
2017-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15601",
"datePublished": "2017-10-18T21:00:00.000Z",
"dateReserved": "2017-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15600 (GCVE-0-2017-15600)
Vulnerability from nvd – Published: 2017-10-18 21:00 – Updated: 2024-08-05 19:57
VLAI
Summary
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://ftp.gnu.org/gnu/libextractor/libextractor… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1501695 | x_refsource_MISC |
Date Public
2017-10-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html"
},
{
"name": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501695"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15600",
"datePublished": "2017-10-18T21:00:00.000Z",
"dateReserved": "2017-10-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:57:27.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15267 (GCVE-0-2017-15267)
Vulnerability from nvd – Published: 2017-10-11 17:00 – Updated: 2024-08-05 19:50
VLAI
Summary
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/101272 | vdb-entryx_refsource_BID |
| http://openwall.com/lists/oss-security/2017/10/11/1 | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=1499600 | x_refsource_MISC |
Date Public
2017-10-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101272"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "101272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101272"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101272"
},
{
"name": "http://openwall.com/lists/oss-security/2017/10/11/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499600"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15267",
"datePublished": "2017-10-11T17:00:00.000Z",
"dateReserved": "2017-10-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15266 (GCVE-0-2017-15266)
Vulnerability from nvd – Published: 2017-10-11 17:00 – Updated: 2024-08-05 19:50
VLAI
Summary
In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1499599 | x_refsource_MISC |
| http://openwall.com/lists/oss-security/2017/10/11/1 | x_refsource_MISC |
| http://lists.gnu.org/archive/html/bug-libextracto… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2017… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/101271 | vdb-entryx_refsource_BID |
Date Public
2017-10-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "101271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101271"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "101271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499599"
},
{
"name": "http://openwall.com/lists/oss-security/2017/10/11/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/10/11/1"
},
{
"name": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html",
"refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html"
},
{
"name": "[debian-lts-announce] 20171204 [SECURITY] [DLA 1198-1] libextractor security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html"
},
{
"name": "101271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15266",
"datePublished": "2017-10-11T17:00:00.000Z",
"dateReserved": "2017-10-11T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}