CVE-2017-17524
- EPSS 1.22%
- Veröffentlicht 14.12.2017 16:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2012-6089
- EPSS 4.02%
- Veröffentlicht 04.01.2013 11:52:15
- Zuletzt bearbeitet 16.06.2026 23:47:48
Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr...
CVE-2012-6090
- EPSS 3.13%
- Veröffentlicht 04.01.2013 11:52:15
- Zuletzt bearbeitet 16.06.2026 23:47:48
Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted fi...
CVE-2011-2896
- EPSS 12.71%
- Veröffentlicht 19.08.2011 17:55:03
- Zuletzt bearbeitet 16.06.2026 23:32:12
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in...