search for: incorrecty

...: cPanel L.L.C. Solution status: Fixed by Vendor Fixed version: 2.3.5.2 Vendor notification: 2019-04-02 Solution date: 2019-04-11 Public disclosure: 2019-04-18 CVE reference: CVE-2019-10691 CVSS: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) ? Vulnerability Details: JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering invalid UTF-8 characters. This can be used to crash dovecot in two ways. Attacker can repeatedly crash Dovecot authentication process by logging in using invalid UTF-8 sequence in username. This requires that auth policy is enabled. Crash can also occur if OX push n...

...: cPanel L.L.C. Solution status: Fixed by Vendor Fixed version: 2.3.5.2 Vendor notification: 2019-04-02 Solution date: 2019-04-11 Public disclosure: 2019-04-18 CVE reference: CVE-2019-10691 CVSS: 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) ? Vulnerability Details: JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering invalid UTF-8 characters. This can be used to crash dovecot in two ways. Attacker can repeatedly crash Dovecot authentication process by logging in using invalid UTF-8 sequence in username. This requires that auth policy is enabled. Crash can also occur if OX push n...

...ocStringBuffer that could result in a crash due to an invalid memory access. (This bug is also present in R-2.15.0 and R-3.0.2.) o The documentation for aperm now says that the default method does not copy attributes (other than dimensions and dimnames). Previously, it incorrecty said it did (as is the case also in R-2.15.0 and R-3.0.2). o Fixed the following bug (also present in R-2.15.0 and R-3.0.2): v <- c(1,2) m <- matrix(c(3,4),1,2) print(t(m)%*%v) print(crossprod(m,v)) in which crossprod gave an error...