Vulnerability CVE-2017-14731: Information
Description
ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.
Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/libofx/libofx/issues/10 |
|
[debian-lts-announce] 20171126 [SECURITY] [DLA 1192-1] libofx security update | |
GLSA-201908-26 |