[SECURITY] Fedora 29 Update: advancecomp-2.1-9.fc29

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5

Tyler Bohan of Cisco Talos discovered these vulnerabilities. Vanja Svajcer authored this blog post. Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handling of TIFF and PCX...

ACD Systems Canvas Draw 5 huff table out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

Vulnerability Spotlight: Multiple Vulnerabilities in ACD Systems Canvas Draw 4

These vulnerabilities were discovered by Tyler Bohan of Cisco Talos Today, Talos is disclosing several vulnerabilities that have been identified in Canvas Draw graphics editing tool for Macs. Canvas Draw 4 is a graphics editing tool used to create and edit images, as well as other graphic-related...

ACD Systems Canvas Draw 4 Huff Table Out-of-bounds Write Code Execution Vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

PT-2022-2042

Name of the Vulnerable Software and Affected Versions zlib versions 1.2.11 through 1.2.12 Description The issue is related to memory corruption when deflating, i.e., when compressing, if the input has many distant matches. This can lead to a buffer overflow in memory. An attacker could potentiall...

[SECURITY] Fedora 28 Update: advancecomp-2.1-4.fc28

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

[SECURITY] Fedora 27 Update: advancecomp-2.1-4.fc27

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

Run HTTP Flood DDoS Attacks: Wreckuests

Stress Testing: Run HTTP Flood DDoS Attacks Wreckuests is a script, which allows you to run DDoS attacks with HTTP-floodGET/POST. It’s written in pure Python and uses proxy-servers as “bots”. This script is published for educational purposes only! Features Cache bypass with random ?abcd=efg...

Weblate: Web server is vulnerable to Beast Attack

Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites ORDER IS NOT SIGNIFICANT: TLSv1.0 RSAWITHAES128CBCSHA DHERSAWITHAES128CBCSHA RSAWITHAES256CBCSHA DHERSAWITHAES256CBCSHA TLSv1.1: idem TLSv1.2 RSAWITHAES128CBCSHA DHERSAWITHAES128CBCSHA RSAWITHAES256CBCSHA...

ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability - Mac OS X

ImageMagick is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:imagemagick:imagemagick";...

ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability - Windows

ImageMagick is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:imagemagick:imagemagick";...

ImageMagick Convert Tiff Adobe Deflate 任意代码执行漏洞（CVE-2016-8707）

This vulnerability is present in the convert utility bundled with ImageMagick. Thus utility is used by many web applications to parse and convert images and other formats inter changeably. It is a very popular piece of software for this use. The vulnerability arises when attempting to deflate an...

ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability

Summary An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks’s convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution.. The vulnerability can be...

Denial of Service

Overview Affected versions of uws do not properly handle large websocket messages when permessage-deflate is enabled, which may result in a denial of service condition. If uws recieves a 256Mb websocket message when permessage-deflate is enabled, the server will compress the message prior to...

drchrono: SSL/TLS BEAST ATTACK

Supported versions: TLSv1.0 TLSv1.1 TLSv1.2 Deflate compression: no Supported cipher suites ORDER IS NOT SIGNIFICANT: TLSv1.0 RSAWITH3DESEDECBCSHA RSAWITHAES128CBCSHA RSAWITHAES256CBCSHA TLSECDHERSAWITH3DESEDECBCSHA TLSECDHERSAWITHAES128CBCSHA TLSECDHERSAWITHAES256CBCSHA TLSv1.1: idem TLSv1.2...

Adobe Acrobat and Adobe Reader Deflate Parameter Integer Overflow (CVE-2009-3459)

Portable Document Format PDF is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. Successful exploitation of this issue will cause the application to become non-responsive, and m...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...