pspp -- multiple vulnerabilities
| Affected packages |
|
|
pspp |
< |
1.0.1 |
|
Details
| VuXML ID |
6876b163-8708-11e7-8568-e8e0b747a45a |
| Discovery |
2017-08-18 |
| Entry |
2017-08-22 |
| Modified |
2017-08-30 |
CVE Details reports:
- There is an Integer overflow in the hash_int function of the libpspp library
in GNU PSPP 0.10.5-pre2 (CVE-2017-10791).
- There is a NULL Pointer Dereference in the function ll_insert() of the libpspp
library in GNU PSPP 0.10.5-pre2 (CVE-2017-10792).
- There is an illegal address access in the function output_hex() in data/data-out.c
of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service (CVE-2017-12958).
- There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c
of the libpspp library in GNU PSPP 0.11.0 that will lead to a remote denial of service attack (CVE-2017-12959).
- There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c
of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service (CVE-2017-12960).
- There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c
of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service (CVE-2017-12961).
References
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright
information.