Package swi-prolog updated to version 7.4.2-alt1_2 for branch sisyphus in task 201301.

Published: 2012-08-20

BDU:2015-06186

Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-06188

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-06189

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-06190

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-06191

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-06192

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-08769

Уязвимости операционной системы CentOS, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-08770

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-08771

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-08772

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-08773

Severity: CRITICAL (9.3)

References:

Published: 2012-08-20

BDU:2015-08774

Severity: CRITICAL (9.3)

References:

Published: 2011-08-19
Modified: 2024-11-21

CVE-2011-2896

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

Severity: MEDIUM (5.1)

References:

Published: 2013-01-04
Modified: 2024-11-21

CVE-2012-6089

Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.

Severity: HIGH (7.5)

References:

Published: 2013-01-04
Modified: 2024-11-21

CVE-2012-6090

Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted filename.

Severity: HIGH (7.5)

References:

Version: 2.1.0

Package swi-prolog update in sisyphus on 2018-03-04

ALT-PU-2018-1360-1

Closed vulnerabilities

BDU:2015-06186

BDU:2015-06188

BDU:2015-06189

BDU:2015-06190

BDU:2015-06191

BDU:2015-06192

BDU:2015-08769

BDU:2015-08770

BDU:2015-08771

BDU:2015-08772

BDU:2015-08773

BDU:2015-08774

CVE-2011-2896

CVE-2012-6089

CVE-2012-6090