Ubuntu CVE Tracker
Home
Main
Universe
Partner
CVE-2017-14731
Priority
Low
Description
ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers
to cause a denial of service (heap-based buffer over-read and application
crash) via a crafted file, as demonstrated by an ofxdump call.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14731
https://github.com/libofx/libofx/issues/10
Notes
Package
Source:
libofx
(
LP
Ubuntu
Debian
)
Upstream:
released
(1:0.9.11-5, 1:0.9.10-1+deb9u1, 1:0.9.4-2.1+deb7u1)
Ubuntu 18.04 LTS
:
not-affected
(1:0.9.12-1)
Ubuntu 14.04 ESM:
DNE
(trusty was needed)
Patches:
More Information
Mitre
NVD
Launchpad
Debian
Updated
: 2022-04-13 12:55:49 UTC (commit
f411bd370d482ef4385c4e751d121a4055fbc009
)