F5: Security Vulnerabilities
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
CVSS Score
5.0
EPSS Score
0.833
Published
2005-05-31
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.063
Published
2004-12-21
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
CVSS Score
5.0
EPSS Score
0.086
Published
1999-11-08
Page 100