Package: futatabi
Severity: normal
X-Debbugs-Cc: kangwoos...@gmail.com
Dear Maintainer,
I found a potential integer overflow vulnerability in util.cpp.
At lines 14 to 15, the program reads the values of 'width' and 'height' using
fread.
Since there is no bound checking, it may cause an integer ov
Package: nickle
Version: 2.90
Severity: normal
X-Debbugs-Cc: kangwoos...@gmail.com
Dear Maintainer,
I found a potential buffer overflow vulnerability in edit.c.
At line 30, the program reads the value of 'editor' from an environment
variable.
Since the size of 'buf' is fixed to 1024, if a malicious
Package: ispell
Version: 3.4.02
Severity: normal
X-Debbugs-Cc: kangwoos...@gmail.com
Dear Maintainer,
There are potential buffer overflow vulnerabilities in ispell.
In tree.c:163, the program reads the value of 'h' from an environment variable.
Then at lines 219 and 278, it is used to sprintf wit
Package: elvis-tiny
Severity: normal
X-Debbugs-Cc: kangwoos...@gmail.com
Dear Maintainer,
I found some potential buffer overflow vulnerabilities in main.c.
--
264 str = getenv("HOME");
265 if (str)
266 {
267 sprintf(tmpblk.c, "%s%c%s", str, SLASH
Package: libpano13-bin
Version: 2.9.20~rc2+dfsg-3
Severity: normal
X-Debbugs-Cc: kangwoos...@gmail.com
Dear Maintainer,
In libpano13, there is a format string vulnerability
that can lead to reading and writing arbitrary memory values.
The vulnerability starts in panoCroppingMain() in PTcommon.c.
The
Package: gnuplot
Version: 5.4.1+dfsg1-1
Severity: normal
X-Debbugs-Cc: kangwoos...@gmail.com
Dear Maintainer,
In gnuplot, there is a format string vulnerability
that can lead to reading and writing arbitrary memory values.
In term/post.trm, the program gets a string from getenv() and passes it to sprintf(
6 matches