Source: libofx
Version: 1:0.9.11-3
Severity: grave
Tags: upstream security


the following vulnerability was published for libofx.

| An exploitable buffer overflow vulnerability exists in the tag parsing
| functionality of LibOFX 0.9.11. A specially crafted OFX file can cause
| a write out of bounds resulting in a buffer overflow on the stack. An
| attacker can construct a malicious OFX file to trigger this
| vulnerability.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:


Please adjust the affected versions in the BTS as needed.


Reply via email to