
3661 matches found

Exploit DB
added 2017/06/20 12:0 a.m. | 79 views

Freeware Advanced Audio Coder (FAAC) 1.28 - Denial of Service

Freeware Advanced Audio Coder FAAC multiple vulnerabilities. Author: qflb.wu. Introduction: FAAC is an encoder for a lossy sound compression scheme specified in MPEG-2 Part 7 and MPEG-4 Part 3 standards and known as Advanced Audio Coding (AAC). This...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.02932 | Exploits: 5

myhack58
added 2017/06/07 12:0 a.m. | 100 views

How to use JavaScript array extensions integer overflow vulnerabilities in WebKit-a vulnerability warning-the black bar safety net

In this article I will tell you about the vulnerability CVE-2017-2536/ZDI-17-358, which is a typical integer overflow vulnerability: when the system calculates the size of the space to allocate, the vulnerability will likely lead to a heap buffer overflow. We not only give you...

CVSS: 6.8 | AI score: 7.4 | EPSS: 0.10478 | Exploits: 2

Fedora
added 2017/06/03 5:39 p.m. | 29 views

[SECURITY] Fedora 26 Update: libvncserver-0.9.11-2.fc26

LibVNCServer makes writing a VNC server (or more correctly, a program exporting a frame-buffer via the Remote Frame Buffer protocol) easy. It hides the programmer from the tedious task of managing clients and compression schemata...

CVSS: 9.8 | AI score: 2.2 | EPSS: 0.03732 | Exploits: 0

Fedora
added 2017/05/26 4:6 a.m. | 25 views

[SECURITY] Fedora 25 Update: libvncserver-0.9.11-2.fc25.1

LibVNCServer makes writing a VNC server (or more correctly, a program exporting a frame-buffer via the Remote Frame Buffer protocol) easy. It hides the programmer from the tedious task of managing clients and compression schemata...

CVSS: 9.8 | AI score: 2.2 | EPSS: 0.03732 | Exploits: 0

Fedora
added 2017/05/26 3:56 a.m. | 31 views

[SECURITY] Fedora 24 Update: libvncserver-0.9.11-2.fc24.1

LibVNCServer makes writing a VNC server (or more correctly, a program exporting a frame-buffer via the Remote Frame Buffer protocol) easy. It hides the programmer from the tedious task of managing clients and compression schemata...

CVSS: 9.8 | AI score: 2.2 | EPSS: 0.03732 | Exploits: 0

Fedora
added 2017/05/19 11:5 p.m. | 31 views

[SECURITY] Fedora 25 Update: jbig2dec-0.12-4.fc25

jbig2dec is a decoder implementation of the JBIG2 image compression format. JBIG2 is designed for lossy or lossless encoding of 'bilevel' (1-bit monochrome) images at moderately high resolution, and in particular scanned paper documents. In this domain it is very efficient, offering compression...

CVSS: 7.8 | AI score: 1.1 | EPSS: 0.01672 | Exploits: 0

Fedora
added 2017/05/18 9:1 p.m. | 32 views

[SECURITY] Fedora 24 Update: jasper-1.900.13-4.fc24

This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...

CVSS: 7.8 | AI score: 3.3 | EPSS: 0.0445 | Exploits: 3

Fedora
added 2017/05/17 6:6 a.m. | 31 views

[SECURITY] Fedora 25 Update: jasper-1.900.13-4.fc25

This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...

CVSS: 7.8 | AI score: 3.3 | EPSS: 0.0445 | Exploits: 3

Tenable Nessus
added 2017/05/16 12:0 a.m. | 67 views

CentOS 6 / 7 : jasper (CESA-2017:1208)

An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.0445 | Exploits: 11 | References: 32

Cent OS
added 2017/05/15 3:59 p.m. | 451 views

jasper security update

CentOS Errata and Security Advisory CESA-2017:1208. An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.0445 | Exploits: 11 | References: 7

Fedora
added 2017/05/14 8:26 p.m. | 68 views

[SECURITY] Fedora 26 Update: openvpn-2.4.2-1.fc26

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

CVSS: 7.5 | AI score: 1.5 | EPSS: 0.13892 | Exploits: 2

Fedora
added 2017/05/14 8:24 p.m. | 30 views

[SECURITY] Fedora 26 Update: jbig2dec-0.13-3.fc26

jbig2dec is a decoder implementation of the JBIG2 image compression format. JBIG2 is designed for lossy or lossless encoding of 'bilevel' (1-bit monochrome) images at moderately high resolution, and in particular scanned paper documents. In this domain it is very efficient, offering compression...

CVSS: 7.8 | AI score: 1.1 | EPSS: 0.01672 | Exploits: 0

Citrix
added 2017/05/12 12:0 a.m. | 9 views

Preventing the Cache-Control Response Header from being Set to private

Q: When Compression is enabled on a NetScaler appliance, can you prevent the Cache-Control response header being set to the value private? A: Yes. You can prevent the Cache-Control response from being set to the value private when compression is enabled on a NetScaler appliance. To prevent the...

AI score: 7.1 | Exploits: 0

CNVD
added 2017/05/12 12:0 a.m. | 2 views

SAP SAPCAR Buffer Overflow Vulnerability

SAP SAPCAR is a set of compression and decompression tools for use in SAP Kernel. A buffer overflow vulnerability exists in SAP SAPCAR. An attacker could exploit this vulnerability to perform unauthorized operations in the context of an affected application...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.03297 | Exploits: 5 | References: 1

BDU FSTEC
added 2017/04/27 12:0 a.m. | 4 views

The vulnerabilities of programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat allow attackers to execute arbitrary code.

The vulnerability of JPEG 2000 components in programs for viewing and editing PDF files, such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat, arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow a...

CVSS: 9.3 | AI score: 8.1 | EPSS: 0.14452 | Exploits: 0 | References: 4 | Affected Software: 2

BDU FSTEC
added 2017/04/27 12:0 a.m. | 3 views

The vulnerabilities of programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to execute arbitrary code.

The vulnerability of the JBIG2 image compression module in PDF viewing and editing software such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a...

CVSS: 9.3 | AI score: 8.1 | EPSS: 0.03362 | Exploits: 0 | References: 3 | Affected Software: 2

Hacker One
added 2017/04/24 9:56 a.m. | 31 views

Weblate: Web server is vulnerable to Beast Attack

Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites ORDER IS NOT SIGNIFICANT: TLSv1.0 RSAWITHAES128CBCSHA DHERSAWITHAES128CBCSHA RSAWITHAES256CBCSHA DHERSAWITHAES256CBCSHA TLSv1.1: idem TLSv1.2 RSAWITHAES128CBCSHA DHERSAWITHAES128CBCSHA RSAWITHAES256CBCSHA...

AI score: 2.9 | Exploits: 0

CNVD
added 2017/04/20 12:0 a.m. | 2 views

Apache Traffic Server Denial of Service Vulnerability (CNVD-2017-06029)

Apache Traffic Server is an efficient and scalable HTTP proxy and caching server. Apache Traffic Server has a security vulnerability that allows remote attackers to submit a special request and perform HPACK Bomb attacks...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.02881 | Exploits: 0 | References: 1

RustSec
added 2017/04/17 12:0 p.m. | 18 views

lz4-compress is unmaintained

According to the developers this crate is no longer maintained. The suggested alternative is lz4-compression, a maintained fork of lz4-compress. See also lz-fear which is compatible with the reference LZ4 implementation in C, but not with lz4-compress...

AI score: 3 | Exploits: 0

NVD
added 2017/04/12 2:59 p.m. | 15 views

CVE-2017-3040

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution...

CVSS: 9.3 | AI score: 7.9 | EPSS: 0.03362 | Exploits: 0 | References: 3