Libofx Project » Libofx : Security Vulnerabilities, CVEs,

CVE-2019-9656

An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.
Max CVSS
8.8
EPSS Score
0.48%
Published
2019-03-11
Updated
2023-01-20

CVE-2017-14731

ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.
Max CVSS
6.5
EPSS Score
0.41%
Published
2017-09-25
Updated
2019-10-03

CVE-2017-2816

An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability.
Max CVSS
8.8
EPSS Score
0.18%
Published
2017-09-13
Updated
2023-01-28
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close