CVE-2016-9586: curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions…

[MEDIUM] Hitachi Energy MSM Product ## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs. ICS Advisory ## Hitachi Energy MSM Product Last RevisedAugust 30, 2022 Alert CodeICSA-22-242-03 ## 1. EXECUTIVE SUMMARY - CVSS v3 7.5 - ATTENTION: Exploitable remotely/low attack complexity - Vendor: Hitachi Energy - Equipment: MSM Product - Vulnerability: Reliance on Uncontrolled Component ## 2. RISK EVALUATION Successful exploitation of this vulnerability could disrupt the functionality of the MSM web interface, steal sensitive user credentials, or cause a denial-of-service condition. ## 3. TECHNICAL DETAILS ## 3.1 AFFECTED PRODUCTS Hitachi Energy reports multiple open-source softwar

CVE-2016-9586 [MEDIUM] curl vulnerabilities Title: curl vulnerabilities Summary: Several security issues were fixed in curl. USN-3441-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9586) Even Rouault discovered that curl incorrectly handled large file names when doing TFTP transfers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. (CVE-2017-1000100) Brian Carpenter and Yongji Ouyang discovered that curl incorrectly handle

CVE-2016-9586 [MEDIUM] curl vulnerabilities Title: curl vulnerabilities Summary: Several security issues were fixed in curl. Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-9586) Even Rouault discovered that curl incorrectly handled large file names when doing TFTP transfers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. (CVE-2017-1000100) Brian Carpenter and Yongji Ouyang discovered that curl incorrectly handled numerical range globbing. A remote attacker could use this issue to cause curl to

CVE-2016-9586 [MEDIUM] CVE-2016-9586: macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite Apple Security Update: About the security content of macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite Product: macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite CVE: CVE-2016-9586 Component: CVE-2016-9586

CVE-2016-9586 [MEDIUM] CVE-2016-9586: macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite Apple Security Update: About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite Product: macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite CVE: CVE-2016-9586 Component: CoreText Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A resource exhaustion issue was addressed through improved input validation.

CVE-2016-9586 [MEDIUM] CWE-122 curl: printf floating point buffer overflow curl: printf floating point buffer overflow curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. Package: rh-dotnetcore10-curl (.NET Core 1.0 on Red Hat Enterprise Linux) - Out of support scope Package: rh-dotnetcore11-curl (.NET Core 1.1 on Red Hat Enterprise Linux) - Out of support scope Package: rh-dotnet20-curl (.NET Core 2.0 on Red Hat Enterprise Linux) - Out of support scope Package: rh-dotnet21-curl (.NET Core 2.1 on Red Hat Enterprise Linux) - Will not fix Package: curl (Red Hat Enterprise Linux 5) - Will not fix Package: curl (Red H

CVE-2016-9586 [MEDIUM] CVE-2016-9586: curl - curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large... curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. Scope: local bookworm: resolved (fixed in 7.52.1-1) bullseye: resolved (fixed in 7.52.1-1) forky: resolved (fixed in 7.52.1-1) sid: resolved (fixed in 7.52.1-1) trixie: resolved (fixed in 7.52.1-1)

CVE-2016-9586 [HIGH] CWE-122 GHSA-9xx8-h3pj-h4h9: curl before version 7 curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.

CVE-2016-9586 [HIGH] CVE-2016-9586: curl before version 7 curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks.

CVE-2016-9586 [HIGH] curl vulnerabilities curl vulnerabilities Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-9586) Even Rouault discovered that curl incorrectly handled large file names when doing TFTP transfers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents. (CVE-2017-1000100) Brian Carpenter and Yongji Ouyang discovered that curl incorrectly handled numerical range globbing. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain

CVE-2016-9586 [MEDIUM] CVE-2016-9586 curl: printf floating point buffer overflow CVE-2016-9586 curl: printf floating point buffer overflow libcurl's implementation of the printf() functions triggers a buffer overflow when doing a large floating point output. The bug occurs when the conversion outputs more than 255 bytes. The flaw happens because the floating point conversion is using system functions without the correct boundary checks. The functions have been documented as deprecated for a long time and users are discouraged from using them in "new programs" as they are planned to get removed at a future point. But as the functions are present and there's nothing preventing users from using them, we expect there to be a certain amount of existing users in the wild. If there are any application that accepts a format string from the outside without necessary input f

CVE-2016-9586 [MEDIUM] CVE-2016-9586 curl: printf floating point buffer overflow [fedora-all] CVE-2016-9586 curl: printf floating point buffer overflow [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora.

CVE-2016-9586 [MEDIUM] CVE-2016-9586 mingw-curl: curl: printf floating point buffer overflow [epel-7] CVE-2016-9586 mingw-curl: curl: printf floating point buffer overflow [epel-7] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora EPEL. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. [bug automatically created by: add-tracking-bugs]

CVE-2016-9586 [MEDIUM] CVE-2016-9586 mingw-curl: curl: printf floating point buffer overflow [fedora-all] CVE-2016-9586 mingw-curl: curl: printf floating point buffer overflow [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported version

One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware ## Abstract Currently, the development of IoT firmware heavily depends on third-party components (TPCs) to improve development efficiency. Nevertheless, TPCs are not secure, and the vulnerabilities in TPCs will influence the security of IoT firmware. Existing works pay less attention to the vulnerabilities caused by TPCs, and we still lack a comprehensive understanding of the security impact of TPC vulnerability against firmware. To fill in the knowledge gap, we design and implement , which leverages syntactical features and control-flow graph features to detect the TPCs in firmware, and then recognizes the corresponding vulnerabilities. Based on , we present the first l