CVE-2016-9636

GStreamer vulnerability CVE-2016-9636 affects the FLIC decoder (gst/flx/gstflxdec.c, function flx_decode_delta_fli). The issue is a heap-based buffer overflow caused by a write count that can exceed the initialized buffer, allowing a remote attacker to potentially execute arbitrary code or crash ...

CVE-2016-9635

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a 'skip count' that goes beyond initialized buffer...

CVE-2016-9634

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via the startline parameter...

CVE-2016-9635

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a 'skip count' that goes beyond initialized buffer...

CVE-2016-9634

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via the startline parameter...

CVE-2016-9635

GStreamer vulnerability CVE-2016-9635 affects the FLIC decoder (gst/flx/gstflxdec.c) where a skip_count beyond the initialized buffer can cause a heap-based overflow. A remote attacker could execute arbitrary code or cause a crash. Affected: GStreamer up to version 1.10.1 (before 1.10.2). Remedia...

CVE-2016-9636

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a 'write count' that goes beyond the initialized buffer...

CVE-2016-9634

CVE-2016-9634 affects GStreamer’s FLIC decoder (flx_decode_delta_fli in gst/flx/gstflxdec.c). The IBM bulletin ties this to PowerKVM, noting GStreamer vulnerabilities in the FLC/FLI/FLX decoding plug-in could allow a remote attacker to crash an application or execute arbitrary code via a speciall...

CVE-2016-9636

Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a 'write count' that goes beyond the initialized buffer...

Mozilla Firefox ESR Security Advisories (MFSA2017-01, MFSA2017-02) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla: Use-after-free with Media Decoder (MFSA 2017-02)

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

JasPer 'jpc/jpc_dec.c' Denial of Service Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A denial of service vulnerability exists in JasPer. An attacker could exploit this vulnerability to cause a denial of service...

CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

UBUNTU-CVE-2017-5396

A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

Mozilla Firefox ESR 45.x < 45.7 Multiple Vulnerabilities (macOS)

The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is 45.x prior to 45.7. It is, therefore, affected by the following vulnerabilities : - Mozilla developers and community members Christian Holler, Gary Kwong, Andre Bargull, Jan de Mooij, Tom Schuster, and Oriol...

CVE-2017-2971

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2971

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution...

Heap overflow

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2971

CVE-2017-2971 affects Adobe Acrobat Reader and Acrobat (Windows/macOS) with versions 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier. The issue is an exploitable heap overflow in the JPEG decoder routine, which could allow arbitrary code execution on successful exploit...