Description
* A stack overflow vulnerability was found in nan* functions that could cause
applications, which process long strings with the nan function, to crash or,
potentially, execute arbitrary code. (CVE-2014-9761)
* It was found that out-of-range time values passed to the strftime() function
could result in an out-of-bounds memory access. This could lead to application
crash or, potentially, information disclosure. (CVE-2015-8776)
* An integer overflow vulnerability was found in hcreate() and hcreate_r()
functions which could result in an out-of-bounds memory access. This could lead
to application crash or, potentially, arbitrary code execution. (CVE-2015-8778)
* A stack based buffer overflow vulnerability was found in the catopen()
function. An excessively long string passed to the function could cause it to
crash or, potentially, execute arbitrary code. (CVE-2015-8779)