4666 matches found
UBUNTU-CVE-2016-4331
When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...
CVE-2016-4331
When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...
CVE-2016-4331
When decoding data out of a dataset encoded with the H5ZNBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution...
Debian DLA-711-1 : curl security update
CVE-2016-8615 If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. The issue pertains to the function that loads cookies into memory, which reads the...
USN-3123-1: curl vulnerabilities
It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. CVE-2016-7141 Nguyen Vu Hoang discovered that curl incorrectly handled escaping certain strings. A remote...
kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()
A syntax vulnerability was discovered in the kernel's ASN1.1 DER decoder, which could lead to memory corruption or a complete local denial of service through x509 certificate DER files. A local system user could use a specially created key file to trigger BUGON in the publickeyverifysignature...
CURL-CVE-2016-8622 URL unescape heap overflow via integer truncation
The URL percent-encoding decode function in libcurl is called curleasyunescape. Internally, even if this function would be made to allocate a destination buffer larger than 2GB, it would return that new length in a signed 32-bit integer variable, thus the length would get either truncated only or...
httpd: HTTP request smuggling attack against chunked request parser
Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP...
Adobe Flash - Crash When Freeing Memory After AVC decoding
Adobe Flash - Crash When Freeing Memory After AVC decoding Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=859 There is a crash when the AVC decoder attempts to free memory, likely indicating memory corruption. Fixed in the September update Proof of Concept:...
Adobe Flash - Crash When Freeing Memory After AVC decoding Exploit
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=859 There is a crash when the AVC decoder attempts to free memory, likely indicating memory corruption. Fixed in the September update Proof of Concept:...
Adobe Flash - Crash When Freeing Memory After AVC decoding
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=859 There is a crash when the AVC decoder attempts to free memory, likely indicating memory corruption. Fixed in the September update Proof of Concept:...
Design/Logic Flaw
decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 29493002...
UBUNTU-CVE-2016-3878
decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 29493002...
D-Link '/improtexport.php' Multiple Series Products SQL Injection Vulnerability
D-Link DAR-8000-X series and DAR-7000-x series Internet Access Behavior Audit Gateways provide Internet access behavior management solutions. An SQL injection vulnerability exists in several D-Link series products. The vulnerability generates a file in /improtexport.php, where previous defenses a...
SUSE SLED12 / SLES12 Security Update : libtasn1 (SUSE-SU-2016:1601-1)
This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER...
SUSE SLES11 Security Update : libtasn1 (SUSE-SU-2016:1600-1)
This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER...
Locky Ransomware Distributed Via DOCM Attachments in Latest Email Campaigns
Throughout August, FireEye Labs has observed a few massive email campaigns distributing Locky ransomware. The campaigns have affected various industries, with the healthcare industry being hit the hardest based on our telemetry, as seen in Figure 1. Figure 1. Top 10 affected industries Numerous...
CVE-2016-3819
Integer overflow in codecs/on2/h264dec/source/h264bsddpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...
phpMyAdmin Double URL Decoding XSS Vulnerability (PMASA-2016-16) - Linux
phpMyAdmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apple Core Graphics BMP Framework img_decode_read Remote Code Execution Vulnerability
Apple's CoreGraphics library is an API for users to create and manipulate graphic elements. A remote code execution vulnerability exists in Apple OS X and iOS when working with BMP images. An attacker could use this vulnerability to embed malicious exploit code in a BMP image resulting in an...