Vulnerability & Exploit Database

Displaying all 9 entries

Results for: CVE-2018-6192 Back to search

SUSE: CVE-2018-6192: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: January 24, 2018

In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.

Gentoo Linux: CVE-2018-6192: MuPDF: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: January 24, 2018

In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.

Debian: CVE-2018-6192: mupdf -- security update Vulnerability

  • Severity: 4
  • Published: January 24, 2018

In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.

Alpine Linux: CVE-2016-7418: php Multiple issues Vulnerability

  • Severity: 5
  • Published: September 17, 2016

The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_des...

Alpine Linux: CVE-2016-7417: php Multiple issues Vulnerability

  • Severity: 8
  • Published: September 17, 2016

ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data.

Alpine Linux: CVE-2016-7416: php Multiple issues Vulnerability

  • Severity: 5
  • Published: September 17, 2016

ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call ...

Alpine Linux: CVE-2016-7414: php Multiple issues Vulnerability

  • Severity: 8
  • Published: September 17, 2016

The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c a...

Alpine Linux: CVE-2016-7413: php Multiple issues Vulnerability

  • Severity: 8
  • Published: September 17, 2016

Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_de...

Alpine Linux: CVE-2016-7412: php Multiple issues Vulnerability

  • Severity: 7
  • Published: September 17, 2016

ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.