CVE-2017-10983

An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service...

Fedora 26 : mingw-libtasn1 (2017-d5cf1a55ce)

Noteworthy changes in release 4.11 released 2017-05-27 stable - Introduced the ASN1TIMEENCODINGERROR error code to indicate an invalid encoding in the DER time fields. - Introduced flag ASN1DECODEFLAGALLOWINCORRECTTIME. This flag allows decoding errors in time fields even when in strict DER mode...

SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2017:1838-1)

This update for gnutls fixes the following issues : - GNUTLS-SA-2017-4 / CVE-2017-7507: Fix crash in status response TLS extension decoding bsc1043398 - GNUTLS-SA-2017-3 / CVE-2017-7869: Fix out-of-bounds write in OpenPGP certificate decoding bsc1034173 - Address read of 4 bytes past the end of...

Oracle Linux 6 : kernel (ELSA-2017-1723)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1723 advisory. - mm enlarge stack guard gap Larry Woodman 1452729 1452730 CVE-2017-1000364 CVE-2017-1000366 - fs nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce...

Humax HG100R 2.0.6 - Backup File Download

Humax HG100R 2.0.6 - Backup File Download coding: utf-8 Exploit Title: Humax Backup file download Date: 29/06/2017 Exploit Author: gambler Vendor Homepage: http://humaxdigital.com Version: VER 2.0.6 Tested on: OSX Linux CVE : CVE-2017-7315 import sys import base64 import shodan import requests...

UBUNTU-CVE-2017-9994

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...

Adobe Flash - Image Decoding Out-of-Bounds Read Exploit

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)

The Mozilla Firefox was updated to the new ESR 52.2 release, which fixes the following issues bsc1043960 : - MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder - MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading - MFSA 2017-16/CVE-2017-7751 Use-after-free with content...

Adobe Flash - Image Decoding Out-of-Bounds Read

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit: http://127.0.0.1/LoadImage.swf=read1.png Proof of Concept:...

Adobe Flash - Image Decoding Out-of-Bounds Read

Adobe Flash - Image Decoding Out-of-Bounds Read Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:...

Null pointer dereference

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...

CVE-2017-7507

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...

UBUNTU-CVE-2017-7507

GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...

[SECURITY] Fedora 25 Update: libtasn1-4.12-1.fc25

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...

Important: jasper

Issue Overview: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...

openSUSE Security Update : ffmpeg2 (openSUSE-2017-631)

This update for ffmpeg2 fixes security issues, bugs, and enables AC3 and MP3 decoding. The following vulnerabilities were fixed : - CVE-2017-7863: heap-based buffer overflow bsc1034179 - CVE-2017-7865: heap-based buffer overflow bsc1034177 - CVE-2017-7866: stack-based buffer overflow bsc1034176 -...

[ASA-201705-21] lib32-nss: arbitrary code execution

Arch Linux Security Advisory ASA-201705-21 ========================================== Severity: Critical Date : 2017-05-29 CVE-ID : CVE-2017-5461 Package : lib32-nss Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-248 Summary ======= The package lib32-nss...

DEBIAN-CVE-2017-9110

In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash...

OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0106)

The remote OracleVM system is missing necessary patches to address critical security updates : - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed...

Unbreakable Enterprise kernel security update

2.6.39-400.295.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 2.6.39-400.295.1 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed Orabug: 25510857 - IB/CORE: sync the resouce access in fmrpool...