VYPR
Vendor

Mcrypt

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2012-4409Nov 21, 2012
    risk 0.04cvss epss 0.15

    Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption.

  • CVE-2012-4527Nov 21, 2012
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.

  • CVE-2012-4426Nov 21, 2012
    risk 0.00cvss epss 0.05

    Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving (1) errors.c or (2) mcrypt.c.

  • CVE-2003-0031Jan 17, 2003
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).

  • CVE-2003-0032Jan 17, 2003
    risk 0.00cvss epss 0.02

    Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.