Vulnerability CVE-2019-19917: Information

Description

Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-19917
Published: Dec. 20, 2019
Modified: Nov. 7, 2023
Error type identifier: CWE-120

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
loutsisyphus3.40-alt43.40-alt4ALT-PU-2020-3465-1263069Fixed
loutp103.40-alt43.40-alt4ALT-PU-2020-3465-1263069Fixed
loutp93.40-alt43.40-alt4ALT-PU-2020-3498-1263097Fixed
loutc10f13.40-alt43.40-alt4ALT-PU-2020-3465-1263069Fixed
loutc9f23.40-alt43.40-alt4ALT-PU-2022-1926-1299908Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://lists.gnu.org/archive/html/lout-users/2019-12/msg00002.html
  • Exploit
  • Mailing List
  • Third Party Advisory
openSUSE-SU-2020:1772
  • Mailing List
  • Third Party Advisory
openSUSE-SU-2020:1812
  • Mailing List
  • Third Party Advisory
openSUSE-SU-2020:1771
  • Mailing List
  • Third Party Advisory
openSUSE-SU-2020:1813
  • Mailing List
  • Third Party Advisory
FEDORA-2020-88fb82d1cd
    FEDORA-2020-869cd99560
      FEDORA-2020-81c80ff1ed

          1. Configuration 1

            cpe:2.3:a:lout_project:lout:3.40:*:*:*:*:*:*:*

            Configuration 2

            cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
            cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
            cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
            cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*

            Configuration 3

            cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
            cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
            cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.5.0
        Back to top