CVE-2017-17524
- EPSS 0.55%
- Published 14.12.2017 16:29:00
- Last modified 20.04.2025 01:37:25
library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
CVE-2012-6089
- EPSS 2.55%
- Published 04.01.2013 11:52:15
- Last modified 11.04.2025 00:51:21
Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr...
CVE-2012-6090
- EPSS 2.1%
- Published 04.01.2013 11:52:15
- Last modified 11.04.2025 00:51:21
Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted fi...
CVE-2011-2896
- EPSS 5.27%
- Published 19.08.2011 17:55:03
- Last modified 11.04.2025 00:51:21
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in...