FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
915855ad-283d-4597-b01e-e0bf611db78b	libspf2 -- Integer Underflow Remote Code Execution Trendmicro ZDI reports: Integer Underflow Remote Code Execution Vulnerability The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account. Discovery 2022-06-06 Entry 2023-10-04 libspf2 le 1.2.11 CVE-2023-42118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42118

VuXML ID

Description

915855ad-283d-4597-b01e-e0bf611db78b

libspf2 -- Integer Underflow Remote Code Execution

Trendmicro ZDI reports:

Integer Underflow Remote Code Execution Vulnerability

The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account.

Discovery 2022-06-06
Entry 2023-10-04
libspf2

le 1.2.11

CVE-2023-42118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42118