CVE-2019-6291

MEDIUM Year: 2019
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-674
View all →

Vulnerability Description

An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem caused by the expr6 function making recursive calls to itself in certain scenarios involving lots of '!' or '+' or '-' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file.

Related Vulnerabilities

CVE-2017-0692

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407.

CWE-6742017

CVE-2017-7515

MEDIUM
CVSS:5.5(Medium)

poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.

CWE-6742017

CVE-2017-9616

MEDIUM
CVSS:5.5(Medium)

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.

CWE-6742017

CVE-2017-9617

MEDIUM
CVSS:5.5(Medium)

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.

CWE-6742017

CVE-2018-11254

MEDIUM
CVSS:5.5(Medium)

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a ...

CWE-6742018

CVE-2018-11597

MEDIUM
CVSS:5.5(Medium)

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing check for stack e...

CWE-6742018