126 matches found
LAME fill_buffer_resample function denial of service vulnerability
LAME is an open source MP3 audio compression software. A security vulnerability in the LAME libmp3lame.a/util.c/fillbufferresample function allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it, which can crash the application...
Google Android Mediaserver Code Execution Vulnerability (CNVD-2017-04725)
Google Android is a mobile operating system based on the Linux open kernel. Google Android suffers from a security vulnerability in the Mediaserver implementation, which allows remote attackers to exploit the vulnerability to construct special media files and trick users into parsing them, which...
ImageMagick magick/colormap-private.h file denial of service vulnerability
ImageMagick is a set of open source image processing software. A security vulnerability exists in the ImageMagick magick/colormap-private.h file. An attacker can exploit the vulnerability to submit a special file that will trick the application into parsing it, crashing the application...
PoDoFo 'ColorChanger::GetColorFromStack' Function Denial of Service Vulnerability
PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in PoDoFo's 'ColorChanger::GetColorFromStack' function. Allows a remote attacker to construct a malicious file and trick the user into parsing it, which can crash the application...
QEMU Denial of Service Vulnerability (CNVD-2017-02735)
QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that allows an attacker to submit a special request that can be exploited to crash an application...
ytnef out-of-bounds read denial of service vulnerability (CNVD-2017-02558)
ytnef is an application library for extracting data from winmail.dat files. An out-of-bounds read vulnerability exists in ytnef. A remote attacker could exploit this vulnerability to construct a malicious file that could be parsed by the user, which could crash the application...
ytnef Buffer Overflow Denial of Service Vulnerability
ytnef is an application library for extracting data from winmail.dat files. A buffer overflow vulnerability exists in ytnef. A remote attacker could exploit this vulnerability to construct a malicious file that could be parsed by the user, which could crash the application...
Multiple Buffer Overflow Vulnerabilities in GnuTLS
GnuTLS is a free secure communications library for implementing SSL, TLS and DTLS protocols. A buffer overflow-based vulnerability exists in GnuTLS that could be exploited by a remote attacker to submit a specially crafted request to crash an application linking to this library...
GnuTLS Stack Buffer Overflow Vulnerability
GnuTLS is a free secure communications library for implementing SSL, TLS and DTLS protocols. GnuTLS suffers from a stack buffer overflow vulnerability that could be exploited by a remote attacker to submit a specially crafted request to crash an application linking to this library...
Adobe Reader and Acrobat Memory Corruption Vulnerability (CNVD-2016-08969)
Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDFs. A memory corruption vulnerability exists in Adobe Reader and Acrobat, which allows remote attackers to exploit the vulnerabilit...
QEMU 'hw/usb/hcd-xhci.c' Denial of Service Vulnerability
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU 'hw/usb/hcd-xhci.c', which can be exploited by an attacker to crash the application and cause...
ImageMagick Denial of Service Vulnerability (CNVD-2016-08683)
ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A denial-of-service vulnerability exists in ImageMagick, which can be exploited by an attacker to cause a denial-of-service by crashing an affected application...
PHP 'xp_socket.c' Denial of Service Vulnerability
PHP is an open source general-purpose computer scripting language. PHP 'xpsocket.c' has a denial of service vulnerability that allows attackers to exploit the vulnerability to crash an application and cause a denial of service...
Facebook HHVM Denial of Service Vulnerability
HHWM HipHop VM is a virtual machine launched by Facebook to execute PHP code. Facebook HHVM has a denial of service vulnerability. An attacker can exploit the vulnerability to crash the affected application, denying service to legitimate users...
Adobe Flash Player Memory Corruption Vulnerability (CNVD-2016-04102)
Adobe Flash Player is a multimedia player product. A memory corruption vulnerability exists in Adobe Flash Player, which can be exploited by remote attackers to construct malicious SWF content that can be parsed by the user, which can crash the application or execute arbitrary code...
Google Chrome media heap buffer overflow vulnerability
Google Chrome is a popular web browser. Google Chrome media suffers from a heap buffer overflow vulnerability that allows remote attackers to exploit the vulnerability to build malicious web pages that can be tricked into parsing by users, which can crash the application or execute arbitrary code...
Apple iOS/watchOS/tvOS and OS X El Capitan Disk Images Arbitrary Code Execution Vulnerability
Apple iOS is an operating system for Apple's cell phones.OS X El Capitan is a dedicated operating system for Mac computers.watchOS is a smartwatch operating system. A security vulnerability in Disk Images in Apple iOS, watchOS, and OS X El Capitan allows attackers to submit a special request to...
PHP 'php_snmp_error()' function formatted denial of service vulnerability
PHP is an open source general-purpose computer scripting language. The PHP 'phpsnmperror' function fails to properly handle string formatting, allowing remote attackers to exploit the vulnerability by submitting a special request to crash the application...
Silicon Graphics LibTiff rgb2ycbcr tool divide by zero error vulnerability (CNVD-2016-02320)
Silicon Graphics LibTiff is a library for reading and writing TIFF files. A divide-by-zero error vulnerability in Silicon Graphics LibTiff's rgb2ycbcr tool allows remote attackers to construct a malicious image that can be tricked into parsing by the user, which can crash the application...
Pixman Integer Overflow Vulnerability
Pixman is an underlying software library for pixel manipulation. An integer overflow vulnerability exists in Pixman, which can be exploited by a remote attacker to cause a denial of service application crash or execute arbitrary code with user privileges...