MidnightBSD

Advisories for mcrypt

CVE-2003-0031 HIGH

Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mcrypt libmcrypt 2.5.3
mcrypt libmcrypt 2.5.1_r4
mcrypt libmcrypt 2.5_.0
mcrypt libmcrypt 2.5.2
CVE-2003-0032 MEDIUM

Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mcrypt libmcrypt 2.5.3
mcrypt libmcrypt 2.5.1_r4
mcrypt libmcrypt 2.5_.0
mcrypt libmcrypt 2.5.2
CVE-2012-4527 MEDIUM

Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mcrypt mcrypt 2.6.7
mcrypt mcrypt 2.6.4
mcrypt mcrypt 2.6.6
mcrypt mcrypt 2.6.5
mcrypt mcrypt *