Vulnerabilities (CVE)

Filtered by vendor Libofx Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-9656 3 Canonical, Debian, Libofx Project 3 Ubuntu Linux, Debian Linux, Libofx 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.
CVE-2017-2816 2 Debian, Libofx Project 2 Debian Linux, Libofx 2024-11-21 6.8 MEDIUM 8.8 HIGH
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability.
CVE-2017-14731 1 Libofx Project 1 Libofx 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.