Abcm2Ps Project Abcm2Ps vulnerabilities
10 known vulnerabilities affecting abcm2ps_project/abcm2ps.
Total CVEs: 10
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 3, MEDIUM 4
Vulnerabilities
CVE-2018-10753 | CRITICAL | CVSS 9.8 | ≥ 0, < 7.8.9-1ubuntu0.16.04.1~esm1 | ≥ 0, < 7.8.9-1+deb9u1build0.18.04.1 | +2 more | 2023-03-16
CVE-2018-10753 [CRITICAL] abcm2ps vulnerabilities
It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-10753, CVE-2018-10771, CVE-2019-1010069)
Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly
handled memory when
osv
CVE-2021-32434 | MEDIUM | CVSS 5.5 | v8.14.11 | 2022-03-10
CVE-2021-32434 [MEDIUM] CWE-125
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c.
nvd, osv
CVE-2021-32436 | MEDIUM | CVSS 6.5 | v8.14.11 | 2022-03-10
CVE-2021-32436 [MEDIUM] CWE-125
An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
nvd, osv
CVE-2021-32435 | MEDIUM | CVSS 5.5 | v8.14.11 | 2022-03-10
CVE-2021-32435 [MEDIUM] CWE-787
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
nvd, osv
CVE-2019-1010069 | MEDIUM | CVSS 5.5 | ≥ 0, < 8.14.2-0.1 | 2019-07-18
CVE-2019-1010069 [MEDIUM]
moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit 08aef597656d065e86075f3d53fda89765845eae.
osv
CVE-2018-10771 | CRITICAL | CVSS 9.8 | ≥ 0, < 8.14.2-0.1 | 2018-05-07
CVE-2018-10771 [CRITICAL]
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
osv
CVE-2010-4743 | HIGH | CVSS 7.5 | ≥ 0, < 5.9.22-1 | 2011-02-18
CVE-2010-4743 [HIGH]
Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information.
osv
CVE-2010-3441 | HIGH | CVSS 7.5 | ≥ 0, < 5.9.13-0.1 | 2011-02-18
CVE-2010-3441 [HIGH]
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line.
osv
CVE-2010-4744 | HIGH | CVSS 7.5 | ≥ 0, < 5.9.22-1 | 2011-02-18
CVE-2010-4744 [HIGH]
Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.
osv
CVE-2004-1258 | CRITICAL | CVSS 10.0 | ≥ 0, < 4.8.5-1 | 2005-01-10
CVE-2004-1258 [CRITICAL]
Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files.
osv