VYPR
Vendor

Libofx Project

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2019-9656HigMar 11, 2019
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofx_sgml.cpp, as demonstrated by ofxdump.

  • CVE-2017-2816HigSep 13, 2017
    risk 0.57cvss 8.8epss 0.02

    An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this…

  • CVE-2017-14731MedSep 25, 2017
    risk 0.42cvss 6.5epss 0.01

    ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.