86 matches found
Ubuntu 16.04 LTS / 18.04 LTS : SDL 2.0 vulnerabilities (USN-4143-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4143-1 advisory. It was discovered that SDL 2.0 mishandled crafted image files resulting in an integer overflow. If a user were tricked into opening a malicio...
[SECURITY] [DLA 1934-1] cimg security update
Package : cimg Version : 1.5.9+dfsg-1+deb8u1 CVE ID : CVE-2018-7588 CVE-2018-7589 CVE-2018-7637 CVE-2018-7638 CVE-2018-7639 CVE-2018-7640 CVE-2018-7641 CVE-2019-1010174 Several issues have been found in cimg, a powerful image processing library. CVE-2019-1010174 is related to a missing string...
openSUSE Security Update : SDL2 (openSUSE-2019-1633)
This update for SDL2 fixes the following issues : - Remove the fix for CVE-2019-7637, the modification of function SDLCalculatePitch is only suited for SDL not SDL2, and breaks SDL2 software. bsc1134135 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Securit...
openSUSE: Security Advisory for SDL2 (openSUSE-SU-2019:1632-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:1633-1 Security update for SDL2
This update for SDL2 fixes the following issues: - Remove the fix for CVE-2019-7637, the modification of function SDLCalculatePitch is only suited for SDL not SDL2, and breaks SDL2 software. bsc1134135 This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2019:1632-1 Security update for SDL2
This update for SDL2 fixes the following issues: - Remove the fix for CVE-2019-7637, the modification of function SDLCalculatePitch is only suited for SDL not SDL2, and breaks SDL2 software. bsc1134135 This update was imported from the SUSE:SLE-15:Update update project...
SUSE SLED15 / SLES15 Security Update : SDL2 (SUSE-SU-2019:1605-1)
This update for SDL2 fixes the following issues : Remove the fix for CVE-2019-7637, the modification of function SDLCalculatePitch is only suited for SDL not SDL2, and breaks SDL2 software. bsc1134135 Note that Tenable Network Security has extracted the preceding description block directly from t...
SUSE-SU-2019:1605-1 Security update for SDL2
This update for SDL2 fixes the following issues: - Remove the fix for CVE-2019-7637, the modification of function SDLCalculatePitch is only suited for SDL not SDL2, and breaks SDL2 software. bsc1134135...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-6748
Foxit Studio Photo 3.6.6 (and prior) is affected by CVE-2019-6748 due to an out-of-bounds write in the EZI file parser that can lead to remote code execution. The vulnerability requires user interaction (target must open a malicious page/file). Root cause: improper validation during EZI file hand...
CVE-2019-6748
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
EulerOS Virtualization 3.0.1.0 : SDL (EulerOS-SA-2019-1469)
According to the versions of the SDL package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c...
openSUSE: Security Advisory for SDL2 (openSUSE-SU-2019:1261-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for SDL (openSUSE-SU-2019:1223-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : SDL2 (SUSE-SU-2019:0950-1)
This update for SDL2 fixes the following issues : Security issues fixed : CVE-2019-7572: Fixed a buffer over-read in IMAADPCMnibble in audio/SDLwave.c.bsc1124806. CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMAADPCM in audio/SDLwave.c bsc1125099. CVE-2019-7576: Fixed heap-based buff...
SUSE SLED12 / SLES12 Security Update : SDL (SUSE-SU-2019:0899-1)
This update for SDL fixes the following issues : Security issues fixed : CVE-2019-7572: Fixed a buffer over-read in IMAADPCMnibble in audio/SDLwave.c.bsc1124806. CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMAADPCM in audio/SDLwave.c bsc1125099. CVE-2019-7576: Fixed heap-based buffe...
SUSE-SU-2019:0899-1 Security update for SDL
This update for SDL fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMAADPCMnibble in audio/SDLwave.c.bsc1124806. - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMAADPCM in audio/SDLwave.c bsc1125099. - CVE-2019-7576: Fixed heap-based...
MGASA-2019-0127 Updated SDL12 packages fix security vulnerability
This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files. - Fix CVE-2019-7577 a buffer overread in MSADPCMdecode rhbz1676510 - Fix CVE-2019-7575 a buffer overwrite in MSADPCMdecode rhbz1676744 - Fix CVE-2019-7574 a buffer overread in...
EulerOS 2.0 SP2 : SDL (EulerOS-SA-2019-1126)
According to the versions of the SDL packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c outside the...
EulerOS 2.0 SP5 : SDL (EulerOS-SA-2019-1151)
According to the versions of the SDL packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c outside the...