C1208828

Name of the Vulnerable Software and Affected Versions: Liblouis version 3.5.0 Description: The issue is related to an invalid free in the `compileRule` function in `compileTranslationTable.c`, which allows remote attackers to cause a denial of service, potentially leading to an application crash. The vulnerability is also described as a use-after-free issue in the `compileRule` function, which may have unspecified other impacts. Recommendations: For Liblouis version 3.5.0, consider disabling the `compileRule` function as a temporary workaround until a patch is available. Restrict access to the `compileTranslationTable.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libming versions prior to 0.4.8 **Description** The issue is related to the dcputs function in decompile.c, which mishandles cases where the header indicates a file size greater than the actual size. This can be exploited by remote attackers to cause a denial of service, resulting in a segmentation fault and application crash, or possibly have other unspecified impacts. **Recommendations** For versions prior to 0.4.8, update to version 0.4.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libming versions 0.4.8 and earlier **Description** The issue is related to the getString function in decompile.c, which mishandles cases where the header indicates a file size greater than the actual size. This can be exploited by remote attackers to cause a denial of service, resulting in a segmentation fault and application crash, or possibly have other unspecified impacts. **Recommendations** For versions 0.4.8 and earlier, consider restricting the use of the getString function in decompile.c until a patch is available. As a temporary workaround, avoid processing files with headers that indicate a size greater than the actual file size to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libming versions 0.4.8 and earlier **Description** The issue is related to the decompileSETTARGET function in decompile.c, which mishandles cases where the header indicates a file size greater than the actual size. This can allow remote attackers to cause a denial of service, resulting in a segmentation fault and application crash, or possibly have other unspecified impacts. **Recommendations** For libming versions 0.4.8 and earlier, consider disabling the decompileSETTARGET function as a temporary workaround until a patch is available. Restrict access to the decompile.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libming versions through 0.4.8 **Description** The issue is related to the `decompileJUMP` function in `decompile.c`, which mishandles cases where the header indicates a file size greater than the actual size. This can allow remote attackers to cause a denial of service, resulting in a segmentation fault and application crash, or possibly have other unspecified impacts. **Recommendations** For versions through 0.4.8, as a temporary workaround, consider disabling the `decompileJUMP` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LibTIFF versions prior to 4.0.9 **Description** The issue is related to insufficient input validation in the TIFFWriteDirectorySec() function, which can be exploited by remote attackers to cause a denial of service, resulting in an assertion failure and application crash. This can be achieved through a crafted file. **Recommendations** For versions prior to 4.0.9, update to version 4.0.9 or later to resolve the issue. As a temporary workaround, consider restricting the use of the TIFFWriteDirectorySec() function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Exiv2 versions prior to 0.27 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash, or possibly have other unspecified impacts through a crafted file. This is due to the `tEXtToDataBuf` function in `pngimage.cpp`. **Recommendations** For Exiv2 versions prior to 0.27, update to version 0.27 or later to resolve the issue.