94 matches found
CVE-2017-0855
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...
CVE-2017-0855
CVE-2017-0855 affects Android’s Media Framework in MPEG4Extractor.cpp, where several paths return early without cleaning up internal buffers, leading to memory leaks. The impact is remote denial of service of a privileged process without extra privileges or user interaction. Affected Android vers...
CVE-2004-0855
...
DEBIAN-CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
CVE-2015-0855 affects Pitivi prior to version 0.95, where the _mediaLibraryPlayCb function in pitivi/mainwindow.py can be abused to execute arbitrary OS commands via shell metacharacters in a file path. Multiple advisories (Debian, OpenSUSE, Fedora, Mageia, Ubuntu-related updates) acknowledge thi...
Oracle Linux 6 : kernel (ELSA-2016-0855)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0855 advisory. - x86 kernel: espfix not working for 32-bit KVM paravirt guests Jacob Tanenbaum 1172767 CVE-2014-8134 - x86 nmi/64: Fix a paravirt stack-clobbering bug...
Advantech WebAccess SCADA Dashboard Directory Traversal (CVE-2016-0855)
A directory traversal vulnerability has been reported in the Dashboard component of Advantech WebAccess. The vulnerability is due to insufficient input validation within the openWidget, removeFolder or removeFile methods in the FileAjaxAction script. A remote, unauthenticated attacker could explo...
openSUSE Security Update : pitivi (openSUSE-2016-14)
This update for pitivi fixes the following issues : - CVE-2015-0855: 'Insecure use of os.system' boo960339 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-14. The text descriptio...
CVE-2016-0855
CVE-2016-0855 concerns Advantech WebAccess (pre-8.1). The vulnerability is a directory traversal in the WebAccess Dashboard/Viewer that could allow remote attackers to list arbitrary files in a virtual directory via unspecified vectors. Public references from ZDI describe related dashboard viewer...
Updated pitivi packages fix security vulnerability
In pitivi before 0.95, double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi CVE-2015-0855...
Oracle: Security Advisory (ELSA-2008-0855)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IBM WebSphere Application Server Cross-Site Scripting - Ver2 (CVE-2009-0855)
A cross-site scripting vulnerability has been reported in IBM WebSphere Application Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
CVE-2014-0855
CVE-2014-0855 affects IBM Connections Portlets for WebSphere Portal (IBM WebSphere Portal 7.0.0.2 and 8.0.0.1) with Portlets 4.x prior to 4.5.1 FP1. The vulnerability is described as a reflected XSS in the Portlets, allowing remote attackers to inject arbitrary script/HTML via unspecified vectors...
CVE-2013-0855
CVE-2013-0855 affects FFmpeg’s libavcodec/alac.c alac_decode_close. Affected: FFmpeg before 1.1. Triggered by a large number of ALAC samples per frame, causing an out-of-bounds access. Impact is unspecified in the sources. Mitigation: upgrade FFmpeg to 1.1 or later (or apply vendor-specific patch...
CVE-2012-0855
Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...
CVE-2012-0855
Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...
CVE-2012-0855
Heap-based buffer overflow in the getsot function in the J2K decoder j2k.c in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service application crash via unspecified vectors related to the curtileno variable...