CVE-2017-14731

Source
Severity Medium
Remote Yes
Type Denial of service
Description
ofx_proc_file in ofx_preproc.cpp in LibOFX 0.9.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an ofxdump call.
Group Package Affected Fixed Severity Status Ticket
AVG-536 libofx 0.9.12-1 0.9.13-1 Medium Fixed FS#56544
Date Advisory Group Package Severity Description
20 May 2018 ASA-201805-19 AVG-536 libofx Medium denial of service
References
https://github.com/libofx/libofx/issues/10
https://github.com/libofx/libofx/commit/fad8418f34094de42e1307113598e0e8bee0a2bd