RSS   Vulnerabilities for 'Cygwin'   RSS

2017-07-21
 
CVE-2017-7523

CWE-119
 

 
Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buffer overflow vulnerability in wcsxfrm/wcsxfrm_l functions resulting into denial-of-service by crashing the process or potential hijack of the process running with administrative privileges triggered by specially crafted input string.

 
2017-04-21
 
CVE-2016-3067

 

 
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.

 


Copyright 2024, cxsecurity.com

 

Back to Top