Avaya: >> Libsafe Security Vulnerabilities
Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.
CVSS Score
5.1
EPSS Score
0.071
Published
2005-05-02
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-04-22
The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-04-22