Search CVE reports
1 – 4 of 4 results
CVE-2019-9656
Negligible prioritySome fixes available 1 of 5
An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.
1 affected packages
libofx
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libofx | Not affected | Not affected | Not affected | Needs evaluation | Fixed |
CVE-2017-2920
Medium priorityAn memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead...
1 affected packages
libofx
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libofx | — | — | — | Not affected | Not affected |
CVE-2017-14731
Low prioritySome fixes available 1 of 3
ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.
1 affected packages
libofx
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libofx | — | — | — | Not affected | Fixed |
CVE-2017-2816
Medium prioritySome fixes available 1 of 3
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can...
1 affected packages
libofx
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libofx | — | — | — | Not affected | Fixed |