Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28011 of 28105

CVE-2017-7607

Posted by Cyberthreat Blog | Apr 9, 2017 | CVE Notifications |

The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

CVE-2017-7594

Posted by Cyberthreat Blog | Apr 9, 2017 | CVE Notifications |

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

CVE-2017-7609

Posted by Cyberthreat Blog | Apr 9, 2017 | CVE Notifications |

elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.

CVE-2017-7602

Posted by Cyberthreat Blog | Apr 9, 2017 | CVE Notifications |

LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

CVE-2017-7610

Posted by Cyberthreat Blog | Apr 9, 2017 | CVE Notifications |

The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

Author: Cyberthreat Blog

CVE-2017-7607

CVE-2017-7594

CVE-2017-7609

CVE-2017-7602

CVE-2017-7610