CVE-2017-2966

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2965

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2954

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution...

gstreamer security update

CentOS Errata and Security Advisory CESA-2017:0019 An update for gstreamer-plugins-good is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

gstreamer1 security update

CentOS Errata and Security Advisory CESA-2017:0020 An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

libTIFF: Multiple vulnerabilities

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE...

CVE-2016-5646

An exploitable heap overflow vulnerability exists in the Compound Binary File Format CBFF parser functionality of Lexmark Perceptive Document Filters library. A specially crafted CBFF file can cause a code execution. An attacker can send a malformed file to trigger this vulnerability...

RedHat Update for gstreamer-plugins-good RHSA-2017:0019-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for gstreamer1-plugins-good RHSA-2017:0020-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2016-3103 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: The issue is related to the ReadGROUP4Image function in coders/tiff.c, which does not properly handle errors. This can be exploited by a remote attacker to cause a denial of service,...

Updated gstreamer0.10-plugins-good and gstreamer1.0-plugins-good packages fix security vulnerabilities

Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application CVE-2016-9634,...

[SECURITY] Fedora 25 Update: hdf5-1.8.17-2.fc25

HDF5 is a general purpose library and file format for storing scientific da ta. HDF5 can store two primary objects: datasets and groups. A dataset is essentially a multidimensional array of data elements, and a group is a structure for organizing objects in an HDF5 file. Using these two basic...

Ubuntu Apport < 2.20.4 Code Execution on Ubuntu Desktop（CVE-2016-9949）

This research was inspired by Chris Evan’s great work on exploiting client-side file format parsing bugs in the gstreamer media library on Ubuntu. We will look for other default file handlers on Ubuntu which may be vulnerable to exploitation. I’m not a binary exploitation guru like Chris so inste...

CentOS 6 : gstreamer-plugins-good (CESA-2016:2975)

An update for gstreamer-plugins-good is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CentOS Update for gstreamer-plugins-good CESA-2016:2975 centos6

Check the version of gstreamer-plugins-good SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu crash reporting tool there is a remote code execution vulnerability-vulnerability warning-the black bar safety net

Security researchers found the Ubuntu crash reporting tool there is a remote code execution vulnerability, an attacker may only need a malicious file will be able to capture a system. The vulnerability affects all default installations of Ubuntu Linux 12.10 Quantaland later version of theoperatin...

Microsoft Office Security Feature Bypass Vulnerability (CNVD-2016-12460)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A security feature bypass vulnerability exists in Microsoft Office software that originates when the progr...

Microsoft Office Security Feature Bypass Vulnerability (CNVD-2016-12459)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A security feature bypass vulnerability exists in Microsoft Office software that originates when the progr...

Microsoft Office Excel Multiple Vulnerabilities (3204068)

This host is missing a critical security update according to Microsoft Bulletin MS16-148. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

DSA-3727-1 hdf5 - security update

Bulletin has no description...