cbcvebase.

Debian Libextractor vulnerabilities

29 known vulnerabilities affecting debian/libextractor.

Total CVEs: 29
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 6, MEDIUM 10, LOW 10

Vulnerabilities

Page 1 of 2
CVE-2019-15531 | MEDIUM | CVSS 6.5 | fixed in libextractor 1:1.9-2 (bookworm) | 2019
[MEDIUM] libextractor: GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1.9-2); bullseye: resolved (fixed in 1:1.9-2); forky: resolved (fixed in 1:1.9-2); sid: resolved (fixed in 1:1.9-2); trixie: resolved (fixed in 1:1.9-2)
debian
CVE-2018-16430 | HIGH | CVSS 8.8 | fixed in libextractor 1:1.7-1 (bookworm) | 2018
[HIGH] libextractor: GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1.7-1); bullseye: resolved (fixed in 1:1.7-1); forky: resolved (fixed in 1:1.7-1); sid: resolved (fixed in 1:1.7-1); trixie: resolved (fixed in 1:1.7-1)
debian
CVE-2018-14346 | HIGH | CVSS 8.8 | fixed in libextractor 1:1.7-1 (bookworm) | 2018
[HIGH] libextractor: GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
Scope: local. bookworm: resolved (fixed in 1:1.7-1); bullseye: resolved (fixed in 1:1.7-1); forky: resolved (fixed in 1:1.7-1); sid: resolved (fixed in 1:1.7-1); trixie: resolved (fixed in 1:1.7-1)
debian
CVE-2018-14347 | MEDIUM | CVSS 6.5 | fixed in libextractor 1:1.7-1 (bookworm) | 2018
[MEDIUM] libextractor: GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).
Scope: local. bookworm: resolved (fixed in 1:1.7-1); bullseye: resolved (fixed in 1:1.7-1); forky: resolved (fixed in 1:1.7-1); sid: resolved (fixed in 1:1.7-1); trixie: resolved (fixed in 1:1.7-1)
debian
CVE-2018-20431 | MEDIUM | CVSS 6.5 | fixed in libextractor 1:1.8-2 (bookworm) | 2018
[MEDIUM] libextractor: GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1.8-2); bullseye: resolved (fixed in 1:1.8-2); forky: resolved (fixed in 1:1.8-2); sid: resolved (fixed in 1:1.8-2); trixie: resolved (fixed in 1:1.8-2)
debian
CVE-2018-20430 | MEDIUM | CVSS 6.5 | fixed in libextractor 1:1.8-2 (bookworm) | 2018
[MEDIUM] libextractor: GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
Scope: local. bookworm: resolved (fixed in 1:1.8-2); bullseye: resolved (fixed in 1:1.8-2); forky: resolved (fixed in 1:1.8-2); sid: resolved (fixed in 1:1.8-2); trixie:
debian
CVE-2017-15267 | HIGH | CVSS 7.5 | fixed in libextractor 1:1.6-1 (bookworm) | 2017
[HIGH] libextractor: In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1.6-1); bullseye: resolved (fixed in 1:1.6-1); forky: resolved (fixed in 1:1.6-1); sid: resolved (fixed in 1:1.6-1); trixie: resolved (fixed in 1:1.6-1)
debian
CVE-2017-17440 | MEDIUM | CVSS 6.5 | fixed in libextractor 1:1.6-2 (bookworm) | 2017
[MEDIUM] libextractor: GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins/xm_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1
debian
CVE-2017-15266 | MEDIUM | CVSS 5.5 | fixed in libextractor 1:1.6-1 (bookworm) | 2017
[MEDIUM] libextractor: In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate.
Scope: local. bookworm: resolved (fixed in 1:1.6-1); bullseye: resolved (fixed in 1:1.6-1); forky: resolved (fixed in 1:1.6-1); sid: resolved (fixed in 1:1.6-1); trixie: resolved (fixed in 1:1.6-1)
debian
CVE-2017-15922 | LOW | CVSS 5.5 | fixed in libextractor 1:1.6-2 (bookworm) | 2017
[MEDIUM] libextractor: In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1.6-2); bullseye: resolved (fixed in 1:1.6-2); forky: resolved (fixed in 1:1.6-2); sid: resolved (fixed in 1:1.6-2); trixie: resolved (fixed in 1:1.6-2)
debian
CVE-2017-15602 | LOW | CVSS 7.5 | fixed in libextractor 1:1.6-1 (bookworm) | 2017
[HIGH] libextractor: In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
Scope: local. bookworm: resolved (fixed in 1:1.6-1); bullseye: resolved (fixed in 1:1.6-1); forky: resolved (fixed in 1:1.6-1); sid: resolved (fixed in 1:1.6-1); tr
debian
CVE-2017-15601 | LOW | CVSS 7.5 | fixed in libextractor 1:1.6-1 (bookworm) | 2017
[HIGH] libextractor: In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.
Scope: local. bookworm: resolved (fixed in 1:1.6-1); bullseye: resolved (fixed in 1:1.6-1); forky: resolved (fixed in 1:1.6-1); sid: resolved (fixed in 1:1.6-1); trixie: resolved (fixed in 1:1.6-1)
debian
CVE-2017-15600 | LOW | CVSS 7.5 | fixed in libextractor 1:1.6-1 (bookworm) | 2017
[HIGH] libextractor: In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.
Scope: local. bookworm: resolved (fixed in 1:1.6-1); bullseye: resolved (fixed in 1:1.6-1); forky: resolved (fixed in 1:1.6-1); sid: resolved (fixed in 1:1.6-1); trixie: resolved (fixed in 1:1.6-1)
debian
CVE-2009-3736 | LOW | CVSS 6.9 | fixed in clamav 0.95+dfsg-1 (bookworm) | 2009
[MEDIUM] bochs: ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2007-5392 | CRITICAL | CVSS 9.3 | fixed in cups 1.1.22-7 (bookworm) | 2007
[CRITICAL] cups: Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
Scope: local. bookworm: resolved (fixed in 1.1.22-7); bullseye: resolved (fixed in 1.1.22-7); forky: resolved (fixed in 1.1.22-7); sid: resolved (fixed in 1.1.22-7); trixie: r
debian
CVE-2007-5393 | CRITICAL | CVSS 9.3 | fixed in cups 1.1.22-7 (bookworm) | 2007
[CRITICAL] cups: Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
Scope: local. bookworm: resolved (fixed in 1.1.22-7); bullseye: resolved (fixed in 1.1.22-7); forky: resolved (fixed in 1.1.22-7); sid: resolved (fixed in 1.1.22
debian
CVE-2007-4352 | HIGH | CVSS 7.6 | fixed in cups 1.1.22-7 (bookworm) | 2007
[HIGH] cups: Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
Scope: local. bookworm: resolved (fixed in 1.1.22-7); bullseye: resolved (fixed in 1.1.22-7); forky: re
debian
CVE-2007-3387 | LOW | CVSS 6.8 | fixed in libextractor 0.5.12-1 (bookworm) | 2007
[MEDIUM] cups: Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine fu
debian
CVE-2006-2458 | MEDIUM | CVSS 4.0 | PoC | fixed in libextractor 0.5.14-1 (bookworm) | 2006
[MEDIUM] libextractor: Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
Scope: local. bookworm: resolved (fixed in 0.5.14-1); bullseye: resolved (fixed in 0
debian
CVE-2006-0301 | MEDIUM | CVSS 7.5 | fixed in libextractor 0.5.10-1 (bookworm) | 2006
[HIGH] libextractor: Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
Scope: local b
debian