MidnightBSD

Advisories for unadf_project

CVE-2016-1243 HIGH

Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
unadf_project unadf 1.0
CVE-2016-1244 HIGH

The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
unadf_project unadf 1.0