CVE-2017-7448

The allocatechannelframebuffer function in uncompressedcomponents.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed JPEG image...

Dropbox - Customized SSL, Exported ContentProvider, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Dropbox published at the 'play' market has multiple vulnerabilities...

Dropbox: CSV Injection with the CVS export feature

The report mentions a well known problem with any CSV export function. If the exported data has an Excel formula, the user will be warned and if the user clicks through a warning they might get some code execution. At the same time, fixing this bug means that the CSV data is no longer correct and...

Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web

Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including LinkedIn, Tumblr, MySpace, Last.FM, Yahoo!, VK.com were exposed on the Internet. Now, according to the recent news, login credentials and other...

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power...

CVE-2016-6237

The buildhuffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service out-of-bounds write via a crafted jpeg file...

CVE-2016-6238

The writeujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service out-of-bounds read via a crafted jpeg file...

CVE-2016-6234

The processfile function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service crash via a crafted jpeg file...

Out-of-bounds

The writeujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service out-of-bounds read via a crafted jpeg file...

CVE-2016-6238

The writeujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service out-of-bounds read via a crafted jpeg file...

CVE-2016-6234

The processfile function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service crash via a crafted jpeg file...

CVE-2016-6236

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted jpeg file...

Out-of-bounds

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted jpeg file...

CVE-2016-6235

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service segmentation fault via a crafted jpeg file...

CVE-2016-6236

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted jpeg file...

CVE-2016-6234

The processfile function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service crash via a crafted jpeg file...

Design/Logic Flaw

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service segmentation fault via a crafted jpeg file...

CVE-2016-6238

The writeujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service out-of-bounds read via a crafted jpeg file...

CVE-2016-6235

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service segmentation fault via a crafted jpeg file...

CVE-2016-6236

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted jpeg file...