Download
| Alert*
oval:org.secpod.oval:def:704619
libgxps-dev is installed oval:org.secpod.oval:def:2001222 There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack. oval:org.secpod.oval:def:2000164 There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack. oval:org.secpod.oval:def:1900053 There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps-dev through 0.3.0because it does not reject negative return values from ag_input_stream_read call. A crafted input will lead to a remote denial of service attack. oval:org.secpod.oval:def:1900098 There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps-dev through 0.3.0. A crafted input will lead to a remote denial of service attack. oval:org.secpod.oval:def:2000943 There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. |