5957 matches found

OSV
added 2018/06/11 9:29 p.m. | 6 views

CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8 CVSS | 9.1 AI score
Exploits: 0 | References: 12

OSV
added 2018/06/11 9:29 p.m. | 2 views

DEBIAN-CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8 CVSS | 9.1 AI score | 0.02193 EPSS
Exploits: 1 | References: 1

Prion
added 2018/06/11 9:29 p.m. | 21 views

Design/Logic Flaw

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

7.5 CVSS | 9 AI score | 0.02193 EPSS
Exploits: 1 | References: 12 | Affected Software: 10

CVE
added 2018/06/11 9:0 p.m. | 188 views

CVE-2017-5396

CVE-2017-5396 describes a use-after-free vulnerability in the Media Decoder when handling media files, where certain events fire after the media elements are freed. The initial document indicates affected products include Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox

9.8 CVSS | 9.1 AI score | 0.02193 EPSS
Exploits: 1 | References: 12 | Affected Software: 1

AlpineLinux
added 2018/06/11 9:0 p.m. | 62 views

CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8 CVSS | 9.5 AI score | 0.02193 EPSS
Exploits: 1

Cvelist
added 2018/06/11 9:0 p.m. | 20 views

CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.3 AI score | 0.02193 EPSS
Exploits: 1 | References: 12

Debian CVE
added 2018/06/11 9:0 p.m. | 28 views

CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8 CVSS | 9.9 AI score | 0.02193 EPSS
Exploits: 1

ArchLinux
added 2018/06/09 12:0 a.m. | 27 views

[ASA-201806-6] p7zip: arbitrary code execution

Arch Linux Security Advisory ASA-201806-6. Severity: Critical; Date: 2018-06-09; CVE-ID: CVE-2018-10115; Package: p7zip; Type: arbitrary code execution; Remote: Yes; Link: https://security.archlinux.org/AVG-714. Summary: The package p7zip before...

7.8 CVSS | 3.2 AI score | 0.05138 EPSS
Exploits: 1 | References: 5

Ubuntu
added 2018/05/31 7:40 p.m. | 53 views

USN-3667-1: libytnef vulnerabilities

It was discovered that libytnef incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. CVE-2017-12141, CVE-2017-9146, CVE-2017-9471, CVE-2017-9473 It was discovered that libytnef incorrectly handled certain files. An attacker could possibly use this t...

9.8 CVSS | 6.2 AI score | 0.00608 EPSS
Exploits: 3

exploitpack
added 2018/05/21 12:0 a.m. | 23 views

Teradek Cube 7.3.6 - Cross-Site Request Forgery

Teradek Cube 7.3.6 - Cross-Site Request Forgery input type="submit...

0.6 AI score
Exploits: 0

OpenVAS
added 2018/05/21 12:0 a.m. | 19 views

Debian: Security Advisory (DLA-1380-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 6.2 AI score | 0.00381 EPSS
Exploits: 3 | References: 3

Apache Tomcat
added 2018/05/16 12:0 a.m. | 55 views

Fixed in Apache Tomcat 7.0.88

Important: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336). Improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder, causing a Denial of Service. This was fixed in revision 1830376. This issue was reported publicly on 6...

7.5 CVSS | 7.7 AI score | 0.19427 EPSS
Exploits: 0 | Affected Software: 1

NVD
added 2018/05/14 12:29 a.m. | 15 views

CVE-2018-11033

The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data...

7.8 CVSS | 8.1 AI score | 0.00216 EPSS
Exploits: 0 | References: 1

Prion
added 2018/05/14 12:29 a.m. | 13 views

Design/Logic Flaw

The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data...

6.8 CVSS | 8.1 AI score | 0.00216 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2018/05/14 12:29 a.m. | 3 views

CVE-2018-11033

The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data...

7.8 CVSS | 7.7 AI score
Exploits: 0 | References: 1

CNVD
added 2018/05/14 12:0 a.m. | 2 views

xpdf 'DCTStream::readHuffSym' function denial of service vulnerability

Xpdf is an open source PDF reader developed by Foo Labs; it supports decoding LZW-compressed files and reading encrypted PDF files. The DCT decoder is one of its decoders. In Xpdf versions before 4.00, the 'DCTStream::readHuffSym' function in the Stream.cc file of the DCT decoder has a security...

7.8 CVSS | 7.4 AI score | 0.00216 EPSS
Exploits: 0 | References: 1

Apache Tomcat
added 2018/05/08 12:0 a.m. | 59 views

Fixed in Apache Tomcat 8.0.52

Important: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336). Improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder, causing a Denial of Service. This was fixed in revision 1830375. This issue was reported publicly on 6...

7.5 CVSS | 7.7 AI score | 0.19427 EPSS
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2018/05/07 12:0 a.m. | 28 views

Debian DSA-4192-1 : libmad - security update

Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

7.8 CVSS | 6.3 AI score | 0.00381 EPSS
Exploits: 3 | References: 7

Apache Tomcat
added 2018/05/04 12:0 a.m. | 84 views

Fixed in Apache Tomcat 8.5.31

Important: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336). Improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder, causing a Denial of Service. This was fixed in revision 1830374. This issue was reported publicly on 6...

7.5 CVSS | 7.7 AI score | 0.19427 EPSS
Exploits: 0 | Affected Software: 1

Apache Tomcat
added 2018/05/03 12:0 a.m. | 52 views

Fixed in Apache Tomcat 9.0.8

Important: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336). Improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder, causing a Denial of Service. This was fixed in revision 1830373. This issue was reported publicly on 6...

7.5 CVSS | 7.7 AI score | 0.19427 EPSS
Exploits: 0 | Affected Software: 1