Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:gnu:less:358:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-9488 |
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read. Published: April 14, 2015; 2:59:02 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2004-2264 |
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed Published: December 31, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |