Vulnerability CVE-2017-14731: Information

Description

ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-14731
Published: Sept. 26, 2017
Modified: Oct. 3, 2019
Error type identifier: CWE-125

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/libofx/libofx/issues/10
  • Exploit
  • Issue Tracking
  • Patch
  • Third Party Advisory
[debian-lts-announce] 20171126 [SECURITY] [DLA 1192-1] libofx security update
    GLSA-201908-26

        1. Configuration 1

          cpe:2.3:a:libofx_project:libofx:0.9.12:*:*:*:*:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.1
      Back to top