libmspack security and bug fix update

An update is available for libmspack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libmspack packages contain a library providing compression and extracti...

RLSA-2020:1686 Low: libmspack security and bug fix update

The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes: libmspack: buffer overflow in function chmdreadheaders CVE-2019-1010305 For more details about the security issues, including the impact, a CVSS score,...

Description of the Open XML File Format Converter for Mac 1.0.2 Update

The Open XML File Format Converter for Mac 1.0.2 Update includes fixes for vulnerabilities that an attacker can use to overwrite the contents of a computer's memory by using malicious code.INTRODUCTION Microsoft has released security bulletins MS08-072 and MS08-074. These security bulletins conta...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...

ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file

An infinite loop has been found in the way ImageMagick reads Multiple-image Network Graphics MNG data. An attacker could exploit this to cause a denial of service via crafted MNG file...

Adobe Flash Player: Remote execution of arbitrary code

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description A critical type confusion vulnerability was discovered in Adobe Flash Player. Impact A remote attacker could possibly execute arbitrary code with the...

UBUNTU-CVE-2019-20628

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a Use-After-Free vulnerability in gfm2tsprocesspmt in mediatools/mpegts.c that can cause a denial of service via a crafted MP4 file...

Foxit Studio Photo Resource Management Error Vulnerability

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A resource management error vulnerability exists in the processing of TIF files in Foxit Studio Photo 3.6.6.918 and earlier versions for Windows platforms, which originates from the program failing to veri...

Foxit Studio Photo Buffer Overflow Vulnerability (CNVD-2020-18403)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A buffer overflow vulnerability exists in the processing of TIF files in Foxit Studio Photo 3.6.6.918 and earlier versions for Windows platforms, which results from the program failing to properly validate...

Memory Corruption Vulnerability in TSMC 7200MA Software (Inverter Software)

Ltd. is a wholly foreign owned enterprise established in China on July 1, 2000 by Antai International Investment Singapore Pte Ltd, a subsidiary of TECO Group, a renowned Taiwanese multinational corporation. A memory corruption vulnerability exists in the TAS 7200MA software inverter software,...

Denial of Service Vulnerability in FreeImage TIFF Files

FreeImage is a free , open source , cross-platform Windows, Linux and Mac OS X , supports more than 20 types of images such as BMP, JPEG, GIF, PNG, TIFF , etc. image processing library . A denial of service vulnerability exists in the FreeImage image parsing library when parsing meta information ...

[SECURITY] Fedora 30 Update: sox-14.4.2.0-28.fc30

SoX Sound eXchange is a sound file format converter. SoX can convert between many different digitized sound formats and perform simple sound manipulation functions, including sound effects...

[SECURITY] Fedora 31 Update: python-pillow-6.2.2-1.fc31

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Fedora: Security Advisory for python-pillow (FEDORA-2020-df444e464e)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows Media Center WMV / WMA 6.3.9600.16384 - Code Execution

Exploit Title: Microsoft Windows Media Center WMV or WMA 6.3.9600.16384 - Code Execution Google Dork: n/a Date: 2020-01-29 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 6.3.9600.16384 Tested on: Windows 7, 8.1, 10...

[SECURITY] Fedora 30 Update: podofo-0.9.6-9.fc30

PoDoFo is a library to work with the PDF file format. The name comes from the first letter of PDF Portable Document Format. A few tools to work with PDF files are already included in the PoDoFo package. The PoDoFo library is a free, portable C++ library which includes classes to parse PDF files a...

PYSEC-2020-81

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...

PYSEC-2020-81

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...

[SECURITY] Fedora 30 Update: python-pillow-5.4.1-3.fc30

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Free Photo Viewer Code Issue Vulnerability

Free Photo Viewer is a lightweight photo viewer. A code issue vulnerability exists in Free Photo Viewer. The vulnerability can be exploited to execute arbitrary code via specially crafted BMP and/or TIFF files...