Internet Explorer Malformed GIF File Double Free (MS04-025) - Ver2 (CVE-2003-1048)
The Graphics Interchange Format (GIF) defines a file format intended for the on-line transmission and interchange of raster graphic data. It uses the LZW compression algorithm to minimize file sizes. A double free vulnerability exists in the way Microsoft Internet Explorer handles images of the GIF...
Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150305)
It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. CVE-2014-8106 An uninitialized data structure use flaw was fou...
[SECURITY] Fedora 22 Update: nx-libs-3.5.0.29-1.fc22
NX is a software suite which implements very efficient compression of the X11 protocol. This increases performance when using X applications over a network, especially a slow one. This package provides the core nx-X11 libraries customized for nxagent/x2goagent...
libcacard, qemu security update
CentOS Errata and Security Advisory CESA-2015:0349 Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common...
[SECURITY] Fedora 22 Update: libmspack-0.5-0.1.alpha.fc22
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 21 Update: libmspack-0.5-0.1.alpha.fc21
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 20 Update: libmspack-0.5-0.1.alpha.fc20
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
Oracle Linux 7 : qemu-kvm (ELSA-2015-0349)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0349 advisory. - Resolves: bz1169456 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-7.1 - Resolves: bz1163078 CVE-2014-7840 qemu-kvm: qemu...
CVE-2015-2206
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to...
DEBIAN-CVE-2015-2206
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to...
UBUNTU-CVE-2015-2206
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to...
Cross-site request forgery (CSRF)
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to...
CVE-2015-2206
phpMyAdmin vulnerability CVE-2015-2206 affects libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1. The flaw is caused by invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP...
Important: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update
Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which...
Mandriva Linux Security Advisory : cabextract (MDVSA-2015:041)
Updated cabextract packages fix security vulnerability : Libmspack, a library to provide compression and decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any...
[SECURITY] Fedora 20 Update: jasper-1.900.1-28.fc20
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...
[SECURITY] Fedora 21 Update: jasper-1.900.1-30.fc21
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...