Taolaw

**Name of the Vulnerable Software and Affected Versions** Toybox version 0.8.7 **Description** The issue is related to a NULL pointer dereference in the httpd.c component, which can cause a Denial of Service (DoS) via unspecified vectors. **Recommendations** For Toybox version 0.8.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xpdf version 4.03 **Description** The issue is related to a Null Pointer Dereference in the `XFAScanner::scanNode()` function, located in `XFAScanner.cc`. This problem can lead to potential crashes or other unintended behavior when the function is called with a null pointer. **Recommendations** For xpdf version 4.03, consider disabling the `XFAScanner::scanNode()` function until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Busybox versions 1.35-x **Description** The issue is related to a use-after-free in the awk applet of Busybox, which can lead to denial of service and possibly code execution when processing a crafted awk pattern in the `copyvar` function. This allows a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For Busybox version 1.35-x, consider disabling the `copyvar` function in the awk applet as a temporary workaround until a patch is available. Restrict access to the awk applet to minimize the risk of exploitation. Avoid using the `copyvar` function when processing awk patterns until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue arises when processing a specially crafted JXR file, causing the StreamCalcIFDSize function in JXRMeta.c to recursively call itself due to improper file handling, leading to stack exhaustion. This can be exploited by an attacker to achieve a remote denial of service attack by sending a specially constructed file. **Recommendations** For FreeImage version 3.18.0, consider avoiding the use of the StreamCalcIFDSize function in JXRMeta.c until a patch is available, or refrain from processing untrusted JXR files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue arises from the mishandling of the OpenJPEG j2k read ppm v3 function in j2k.c, leading to an out-of-bounds access. This occurs because the value of `l N ppm` comes from the file being read, and the code fails to account for the possibility that `l N ppm` may exceed the size of `p header data`. **Recommendations** For FreeImage version 3.18.0, consider applying a patch or fix that properly handles the `l N ppm` value to prevent out-of-bounds access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue is related to the TIFFReadDirectory function in PluginTIFF.cpp, which always returns 1 when reading a special TIFF file, leading to stack exhaustion. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For FreeImage version 3.18.0, consider disabling the TIFFReadDirectory function in PluginTIFF.cpp as a temporary workaround until a patch is available. Restrict access to the PluginTIFF.cpp module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.