Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
afflib vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-2053
Multiple stack-based buffer overflows in AFFLIB prior to 2.2.6 allow remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp; (2) a long (a) path or (b) bucket in an S3 UR...
Afflib Afflib
7.5
CVSSv2
CVE-2007-2054
Multiple format string vulnerabilities in AFFLIB prior to 2.2.6 allow remote malicious users to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls in (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) tools/afi...
Afflib Afflib
7.5
CVSSv2
CVE-2007-2055
AFFLIB 2.2.8 and previous versions allows malicious users to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the ge...
Afflib Afflib
10
CVSSv2
CVE-2007-2352
Multiple format string vulnerabilities in AFFLIB 2.2.6 allow remote malicious users to execute arbitrary code via certain command line parameters, which are used in (1) warn and (2) err calls, possibly involving (a) lib/s3.cpp, (b) tools/afconvert.cpp, (c) tools/afcopy.cpp, (d) t...
Afflib Afflib
4.3
CVSSv2
CVE-2018-8050
The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) up to and including 3.7.16 allows remote malicious users to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value.
Afflib Project Afflib
NA
CVE-2007-2056
Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and previous versions allows local users to overwrite arbitrary files via a symlink attack on temporary lock files (aka "time-of-check-time-of-use file race"). NOTE: the researcher has retracted ...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started