1598 matches found
SAP CAR Archive Tool Denial Of Service / Security Bypass
Advisory Information Title: SAP CAR Multiple Vulnerabilities Advisory ID: CORE-2016-0006 Advisory URL: http://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities Date published: 2016-08-09 Date of last update: 2016-08-09 Vendors contacted: SAP Release mode: Coordinated release 2...
Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0185 Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability August 6, 2016 CVE Number CVE-2016-5646 Description An exploitable heap overflow vulnerability exists in the Compound Binary File Format (CBFF) parser functionality of Lexmark Perceptive...
CentOS 6 : libtiff (CESA-2016:1547)
The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2016:1547 advisory. - Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to...
Memory Corruption Vulnerability in PhotoZoom's Handling of ICO Files
PhotoZoom is a novel and technically revolutionary tool for enlarging digital images. A memory corruption vulnerability exists in the tool's handling of ICO images, which could be exploited by attackers to construct malformed ICO images that could cause the program to crash...
Evolutionary Knowledge Based Fuzzer: Choronzon
Evolutionary Knowledge Based Fuzzer Choronzon is an evolutionary fuzzer. It tries to imitate the evolutionary process in order to keep producing better results. To achieve this, it has an evaluation system to classify which of the fuzzed files are interesting and which should be dropped. Moreover...
Silicon Graphics LibTiff Memory Corruption Vulnerability
Silicon Graphics LibTiff is a library from the U.S. company Silicon Graphics, Inc. for reading and writing TIFF (Tagged Image File Format) files. A memory corruption vulnerability exists in Silicon Graphics LibTiff, which can be exploited by attackers to obtain sensitive information and cause a denial of...
Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0103 Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3581 Description While parsing a specially crafted TIFF file, a parser confusion can lead to a heap buffer overflow resulting in out of bounds memory...
Silicon Graphics LibTiff 'extractContigSamplesBytes' Function Denial of Service Vulnerability
Silicon Graphics LibTiff is a library for reading and writing TIFF files. A security vulnerability in the 'extractContigSamplesBytes' function of Silicon Graphics LibTiff allows remote attackers to exploit the vulnerability to construct special TIFF images that can be tricked into being parsed by...
Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-04061)
Silicon Graphics LibTiff is a library for reading and writing TIFF (Tagged Image File Format) files from the U.S. company Silicon Graphics. The library contains a number of command-line tools to deal with TIFF files. A security vulnerability exists in the 'PixarLogCleanup' function in the...
CVE-2016-4434
It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XX...
file: incomplete fix for CVE-2012-1571 in cdf_read_property_info
It was found that the fix for CVE-2012-1571 was incomplete; the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
ImageMagick Delegate Arbitrary Command Execution
This module exploits a shell command injection in the way "delegates" (commands for converting files) are processed in ImageMagick versions...
DEBIAN-CVE-2016-0775
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file...
Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-02175)
Silicon Graphics LibTiff is a library from the U.S. company Silicon Graphics, Inc. for reading and writing TIFF (Tagged Image File Format) files. The TIFFVGetField function in the tifdirinfo.c file of Silicon Graphics LibTiff 4.0.6 and earlier has a security vulnerability that can be exploited by an...
[SECURITY] Fedora 22 Update: python-pillow-2.8.2-5.fc22
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (developme...
images easy resizer&JPG ⇔ PNG - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that the application images easy resizer&JPG ⇔ PNG, published on the 'play' market, has multiple vulnerabilities...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...
Network Time Protocol ntpq Special Character Filtering Vulnerability
Summary The ntpq saveconfig command does not do adequate filtering of special characters from the supplied filename. Only back slash and forward slash are currently filtered out. There are other special characters that are allowed in the filename which can cause issues during globbing. In additio...
Avast! - Integer Overflow Verifying numFonts in TTC Header
Avast! - Integer Overflow Verifying numFonts in TTC Header Source: https://code.google.com/p/google-security-research/issues/detail?id=549 If the numFonts field in the TTC header is greater than SIZEMAX+1 / 4, an integer overflow occurs in filevirusttf when calling CSafeGenFile::SafeLockBuffer. T...