ALT-PU-2023-1088-1
Closed vulnerabilities
Published: 2017-08-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-12921
PFileFlashPixView::GetGlobalInfoProperty in f_fpxvw.cpp in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted fpx image.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- [oss-security] 20170817 libfpx: NULL pointer dereference in PFileFlashPixView:etGlobalInfoProperty (f_fpxvw.cpp)
- [oss-security] 20170817 libfpx: NULL pointer dereference in PFileFlashPixView:etGlobalInfoProperty (f_fpxvw.cpp)
- https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-pfileflashpixviewgetglobalinfoproperty-f_fpxvw-cpp/
- https://blogs.gentoo.org/ago/2017/08/09/libfpx-null-pointer-dereference-in-pfileflashpixviewgetglobalinfoproperty-f_fpxvw-cpp/
Published: 2017-08-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-12925
Double free vulnerability in DfFromLB in docfile.cxx in libfpx 1.3.1_p6 allows remote attackers to cause a denial of service via a crafted fpx image.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- [oss-security] 20170817 libfpx: double-free in DfFromLB (docfile.cxx)
- [oss-security] 20170817 libfpx: double-free in DfFromLB (docfile.cxx)
- https://blogs.gentoo.org/ago/2017/08/09/libfpx-double-free-in-dffromlb-docfile-cxx/
- https://blogs.gentoo.org/ago/2017/08/09/libfpx-double-free-in-dffromlb-docfile-cxx/