Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| moinejf | abcm2ps | 3.7.20 |
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 14 |
| moinejf | abcm2ps | * |
Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 14 |
| moinejf | abcm2ps | * |
| fedoraproject | fedora | 13 |
Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 14 |
| moinejf | abcm2ps | * |
| fedoraproject | fedora | 13 |
Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 9.0 |
| moinejf | abcm2ps | * |
| fedoraproject | fedora | 31 |
| fedoraproject | fedora | 32 |
| fedoraproject | fedora | 30 |
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 9.0 |
| moinejf | abcm2ps | * |
| fedoraproject | fedora | 31 |
| fedoraproject | fedora | 32 |
| fedoraproject | fedora | 30 |
moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845eae.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 9.0 |
| moinejf | abcm2ps | 8.13.20 |