Att Xmill vulnerabilities

CVE-2022-26507 [CRITICAL] CVE-2022-26507: A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A c A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability

CVE-2021-21811 [CRITICAL] CWE-191 CVE-2021-21811: A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT& A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21826 [CRITICAL] CWE-120 CVE-2021-21826: A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functiona A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger

CVE-2021-21827 [CRITICAL] CWE-120 CVE-2021-21827: A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functiona A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger

CVE-2021-21828 [CRITICAL] CWE-120 CVE-2021-21828: A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functiona A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21825 [CRITICAL] CWE-122 CVE-2021-21825: A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::Un A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21810 [CRITICAL] CWE-122 CVE-2021-21810: A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21830 [CRITICAL] CWE-122 CVE-2021-21830: A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functiona A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21829 [CRITICAL] CWE-122 CVE-2021-21829: A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor:: A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21814 [HIGH] CWE-88 CVE-2021-21814: Within the function HandleFileArg the argument filepattern is under control of the user who passes i Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strlen to determine the ending location of the char* passed in by the user, no checks are done to see if the passed in char* is longer than the staticly sized buffer data is memcpy‘d into, but

CVE-2021-21813 [HIGH] CWE-787 CVE-2021-21813: Within the function HandleFileArg the argument filepattern is under control of the user who passes i Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow.

CVE-2021-21815 [HIGH] CWE-787 CVE-2021-21815: A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functio A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a staticl

CVE-2021-21812 [HIGH] CWE-787 CVE-2021-21812: A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functio A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a static