|
246871
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
|
CWE-617
Reachable Assertion
|
CVE-2017-9499
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246872
|
5.5 |
MEDIUM
Local
|
ytnef_project
|
ytnef
|
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9474
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246873
|
5.5 |
MEDIUM
Local
|
ytnef_project
canonical
|
ytnef
ubuntu_linux
|
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
|
NVD-CWE-noinfo
|
CVE-2017-9473
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246874
|
5.5 |
MEDIUM
Local
|
ytnef_project
|
ytnef
|
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9472
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246875
|
5.5 |
MEDIUM
Local
|
ytnef_project
canonical
|
ytnef
ubuntu_linux
|
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9471
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246876
|
5.5 |
MEDIUM
Local
|
ytnef_project
|
ytnef
|
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9470
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246877
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Thus, remote attackers might be able to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9469
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246878
|
7.5 |
HIGH
Network
|
irssi
debian
|
irssi
debian_linux
|
In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9468
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246879
|
7.1 |
HIGH
Local
|
virustotal
|
yara
|
The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain sensitive information from process memory via a …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9465
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246880
|
8.8 |
HIGH
Network
|
mercurial
debian
redhat
|
mercurial
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux_serv…
|
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9462
|
2024-11-21 12:36 |
2017-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
