Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog prior to 6.2.5 and 6.3.x prior to 6.3.7 allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
swi-prolog swi-prolog 6.2.3 |
||
swi-prolog swi-prolog 6.2.2 |
||
swi-prolog swi-prolog 5.8.3 |
||
swi-prolog swi-prolog 5.8.2 |
||
swi-prolog swi-prolog 5.8.1 |
||
swi-prolog swi-prolog 5.8.0 |
||
swi-prolog swi-prolog 5.6.64 |
||
swi-prolog swi-prolog 5.6.50 |
||
swi-prolog swi-prolog 6.2.1 |
||
swi-prolog swi-prolog 6.0.2 |
||
swi-prolog swi-prolog 5.10.2 |
||
swi-prolog swi-prolog 5.10.0 |
||
swi-prolog swi-prolog 5.6.62 |
||
swi-prolog swi-prolog 5.6.59 |
||
swi-prolog swi-prolog 5.6.54 |
||
swi-prolog swi-prolog 5.6.52 |
||
swi-prolog swi-prolog 6.0.0 |
||
swi-prolog swi-prolog |
||
swi-prolog swi-prolog 5.10.5 |
||
swi-prolog swi-prolog 5.10.4 |
||
swi-prolog swi-prolog 5.6.58 |
||
swi-prolog swi-prolog 5.6.57 |
||
swi-prolog swi-prolog 5.6.56 |
||
swi-prolog swi-prolog 5.6.55 |
||
swi-prolog swi-prolog 6.2.0 |
||
swi-prolog swi-prolog 6.0.1 |
||
swi-prolog swi-prolog 5.10.3 |
||
swi-prolog swi-prolog 5.10.1 |
||
swi-prolog swi-prolog 5.6.63 |
||
swi-prolog swi-prolog 5.6.61 |
||
swi-prolog swi-prolog 5.6.53 |
||
swi-prolog swi-prolog 5.6.51 |
||
swi-prolog swi-prolog 6.3.6 |
||
swi-prolog swi-prolog 6.3.5 |
||
swi-prolog swi-prolog 6.3.3 |
||
swi-prolog swi-prolog 6.3.1 |
||
swi-prolog swi-prolog 6.3.0 |
||
swi-prolog swi-prolog 6.3.4 |
||
swi-prolog swi-prolog 6.3.2 |
Vulmon