Open Babel
Monthly
Open Babel versions up to 3.1.1 contain a null pointer dereference in the CDXML file handler's OBAtom::GetExplicitValence function, allowing remote attackers to crash the application through maliciously crafted files. Public exploit code exists for this vulnerability, making it a practical attack vector for denial of service. A patch is available and should be applied to all affected installations.
Out-of-bounds memory reads in Open Babel's MOL2 file handler (via OBAtom::SetFormalCharge function) allow remote attackers to trigger denial of service through malicious molecule files. Public exploit code is available for this vulnerability, which remains unpatched as of the advisory date. Versions up to 3.1.1 are affected.
Out-of-bounds read in Open Babel's CIF file handler (versions up to 3.1.1) allows remote denial of service when processing malicious files. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can trigger a crash by sending specially crafted input to the affected transform3d function without requiring authentication or user interaction beyond opening a file.
A vulnerability was determined in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in Open Babel up to 3.1.1.cpp. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A weakness has been identified in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Open Babel versions up to 3.1.1 contain a null pointer dereference in the CDXML file handler's OBAtom::GetExplicitValence function, allowing remote attackers to crash the application through maliciously crafted files. Public exploit code exists for this vulnerability, making it a practical attack vector for denial of service. A patch is available and should be applied to all affected installations.
Out-of-bounds memory reads in Open Babel's MOL2 file handler (via OBAtom::SetFormalCharge function) allow remote attackers to trigger denial of service through malicious molecule files. Public exploit code is available for this vulnerability, which remains unpatched as of the advisory date. Versions up to 3.1.1 are affected.
Out-of-bounds read in Open Babel's CIF file handler (versions up to 3.1.1) allows remote denial of service when processing malicious files. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can trigger a crash by sending specially crafted input to the affected transform3d function without requiring authentication or user interaction beyond opening a file.
A vulnerability was determined in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in Open Babel up to 3.1.1.cpp. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A weakness has been identified in Open Babel up to 3.1.1. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.