Published: 26/10/2017 Updated: 04/02/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu libextractor 1.4

Debian Bug report logs - #883691 game-music-emu: CVE-2017-17446: AddressSanitizer: negative-size-param: (size=-8), size=-8 passed to memcpy in Mem_File_Reader::read_avail Package: src:game-music-emu; Maintainer for src:game-music-emu is Sebastian Dröge <slomo@debianorg>; Reported by: Markus Koschany <apo@debianorg> ...

Debian Bug report logs - #907987 libextractor: CVE-2018-16430: Out of Bound Read Package: src:libextractor; Maintainer for src:libextractor is Bertrand Marc <bmarc@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 4 Sep 2018 20:27:02 UTC Severity: serious Tags: patch, security, upstream ...

Debian Bug report logs - #904903 libextractor: CVE-2018-14346: stack-buffer-underflow Package: src:libextractor; Maintainer for src:libextractor is Bertrand Marc <bmarc@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 29 Jul 2018 11:03:02 UTC Severity: serious Tags: patch, security, upstr ...

Debian Bug report logs - #880016 libextractor: CVE-2017-15922 Package: src:libextractor; Maintainer for src:libextractor is Bertrand Marc <bmarc@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 28 Oct 2017 12:30:02 UTC Severity: important Tags: patch, security, upstream Found in version ...

Debian Bug report logs - #904905 libextractor: CVE-2018-14347: Infinite loop in extract Package: src:libextractor; Maintainer for src:libextractor is Bertrand Marc <bmarc@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 29 Jul 2018 11:09:01 UTC Severity: serious Tags: patch, security, ups ...

Debian Bug report logs - #883528 libextractor: CVE-2017-17440: various null pointer dereferences in GIF, IT, NSFE, S3M, SID and XM plugins Package: src:libextractor; Maintainer for src:libextractor is Bertrand Marc <bmarc@debianorg>; Reported by: Markus Koschany <apo@debianorg> Date: Mon, 4 Dec 2017 19:15:01 UTC S ...

In GNU Libextractor before 16, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractorc ...

CWE-125 http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html http://www.securityfocus.com/bid/101595 https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883691 https://security.archlinux.org/CVE-2017-15922

Get Started

CVE-2017-15922

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect