Fouzhe

**Name of the Vulnerable Software and Affected Versions** libsoup (affected versions not specified) **Description** A Use-After-Free flaw exists in the libsoup library, specifically within the HTTP/2 server implementation. A remote attacker can exploit this by sending crafted HTTP/2 requests that trigger authentication failures. This can lead to the application attempting to access freed memory, potentially causing application instability, crashes, and a Denial of Service (DoS). The vulnerability affects applications relying on libsoup for handling HTTP requests. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Nome do Software Vulnerável e Versões Afetadas: libsoup (versões afetadas não especificadas) Descrição: Uma falha foi encontrada na função `soup multipart new from message()` da biblioteca HTTP libsoup. O problema ocorre quando a biblioteca processa mensagens multipart especialmente elaboradas, levando à validação inadequada e a um erro de cálculo interno, o que pode causar um underflow de inteiro. Isso pode resultar em o programa acessar memória inválida e falhar, criando um risco de negação de serviço. Recomendações: No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

Nome do Software Vulnerável e Versões Afetadas: libsoup (versões afetadas não especificadas) Descrição: Uma falha foi encontrada na lógica de análise de cookies da biblioteca HTTP libsoup, utilizada em aplicativos GNOME e outros softwares. O problema ocorre ao processar a data de expiração de cookies, onde um valor especialmente elaborado pode desencadear um estouro de inteiro. Isso pode resultar em comportamento indefinido, permitindo que um atacante contorne a lógica de expiração de cookies, causando comportamento persistente ou não intencionado dos cookies. O problema origina-se da validação inadequada de entradas de inteiros grandes durante operações aritméticas de data dentro das rotinas de análise de cookies. Recomendações: No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** mxml version 2.12 **Description** A use-after-free issue has been found in the mxmlWalkNext function in mxml-search.c, as demonstrated by mxmldoc. **Recommendations** For version 2.12, consider updating to a newer version that contains a fix for this issue, however at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mini-XML version 2.12 **Description** A stack-based buffer overflow issue has been discovered. It occurs in the `mxml write node` function in `mxml-file.c` and can be triggered by vectors involving a double-precision floating point number and the '<order type="real">' substring. **Recommendations** For Mini-XML version 2.12, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 version 1.3 **Description** A heap-based buffer overflow issue has been discovered in the BerEncoder encodeOctetString function, located in mms/asn1/ber encoder.c. This issue is exploitable and can be triggered with a different data sequence than a previously known attack vector. **Recommendations** For libIEC61850 version 1.3, consider restricting access to the `BerEncoder encodeOctetString` function in `ber encoder.c` until a patch is available. Avoid using the `BerEncoder encodeOctetString` function with potentially malicious input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 version 1.3 **Description** A NULL pointer dereference issue has been identified in the `Ethernet sendPacket` function located in the `ethernet bsd.c` file. **Recommendations** For libIEC61850 version 1.3, consider disabling the `Ethernet sendPacket` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 version 1.3 **Description** A issue has been found in the software, which is a SEGV in the `Ethernet receivePacket` function located in the `ethernet bsd.c` file. **Recommendations** For libIEC61850 version 1.3, consider restricting access to the `Ethernet receivePacket` function in `ethernet bsd.c` to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 version 1.3 **Description** A issue has been found in the software, which is a SEGV in `ControlObjectClient setCommandTerminationHandler` in `client/client control.c`. This issue is disputed by the software maintainer as it requires incorrect usage of the `client example control` program. **Recommendations** For libIEC61850 version 1.3, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 version 1.3 **Description** A NULL pointer dereference issue has been identified in the `ClientDataSet getValues` function located in `client/ied connection.c`. **Recommendations** For libIEC61850 version 1.3, consider applying a patch or fix to resolve the NULL pointer dereference issue in the `ClientDataSet getValues` function.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 version 1.3 **Description** A heap-based buffer overflow issue has been identified in the BerEncoder encodeOctetString function, located in the mms/asn1/ber encoder.c file. **Recommendations** For libIEC61850 version 1.3, consider restricting access to the BerEncoder encodeOctetString function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PDF2JSON version 0.69 **Description** The issue is related to mismatched memory management routines in the XmlFontAccu::CSStyle function within XmlFonts.cc, specifically involving operator new [] versus operator delete. **Recommendations** For PDF2JSON version 0.69, consider applying a patch that corrects the mismatched memory management routines in the XmlFontAccu::CSStyle function to prevent potential memory leaks or crashes.

**Name of the Vulnerable Software and Affected Versions** jpeg encoder through 2015-11-27 **Description** The issue is related to a SEGV in the `readFromBMP` function in `jpeg encoder.cpp`, caused by an out-of-bounds write. **Recommendations** For versions through 2015-11-27, as a temporary workaround, consider disabling the `readFromBMP` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** jpeg encoder through 2015-11-27 **Description** A heap-based buffer overflow issue has been discovered in the `readFromBMP` function in `jpeg encoder.cpp`. **Recommendations** For versions through 2015-11-27, as a temporary workaround, consider disabling the `readFromBMP` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PDF2JSON version 0.69 **Description** The issue is related to Mismatched Memory Management Routines, specifically the use of malloc versus operator delete in the HtmlString class within ImgOutputDev.cc. **Recommendations** For PDF2JSON version 0.69, update to a version where the memory management issue in the HtmlString class is resolved, or consider applying a patch that fixes the Mismatched Memory Management Routines if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** dilawar sound through 2017-11-27 **Description** The issue is related to Mismatched Memory Management Routines, specifically the use of operator new [] versus operator delete in the end of openWavFile in wav-file.cc. **Recommendations** For dilawar sound through 2017-11-27, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libwav versions prior to 2017-04-20 **Description** The issue is related to a SEGV in the `wav write` function located in libwav.c. **Recommendations** For versions prior to 2017-04-20, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libwav through 2017-04-20 **Description** The issue is related to a SEGV in the `apply gain` function located in `wav gain/wav gain.c`. **Recommendations** For versions through 2017-04-20, consider restricting access to the `apply gain` function in `wav gain/wav gain.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libwav through 2017-04-20 **Description** The issue is related to an infinite loop in the `wav read` function in libwav.c. **Recommendations** For versions through 2017-04-20, consider disabling the `wav read` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libwav through 2017-04-20 **Description** The issue is related to a SEGV in the `wav free` function in libwav.c. **Recommendations** For versions through 2017-04-20, at the moment, there is no information about a newer version that contains a fix for this issue.