LibOFX could be made to crash.
Software Description:
- libofx: client-side implementation of Open Financial Exchange
specification
Details:
It was discovered that LibOFX did not properly check for errors in
certain situations, leading to a NULL pointer dereference. A remote
attacker could use this issue to cause a denial of service attack.
(CVE-2019-9656)
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libofx-dev 1:0.9.10-1+deb8u2build0.16.04.1 libofx6 1:0.9.10-1+deb8u2build0.16.04.1 ofx 1:0.9.10-1+deb8u2build0.16.04.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4523-1
CVE-2019-9656
Get the latest Linux and open source security news straight to your inbox.