Lucene search

813 matches found

UbuntuCve
added 2017/04/17 4:59 p.m. · 21 views

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

9.8 CVSS · 7.2 AI score · 0.06144 EPSS
Exploits 0 · References 2
Cvelist
added 2017/04/17 4:00 p.m. · 26 views

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

9.3 AI score · 0.06144 EPSS
Exploits 0 · References 15
OSV
added 2017/04/17 12:00 a.m. · 0 views

UBUNTU-CVE-2017-5647

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. Thi...

7.5 CVSS · 7.1 AI score · 0.02275 EPSS
Exploits 0 · References 4
UbuntuCve
added 2017/04/07 10:59 p.m. · 28 views

CVE-2017-0543

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3 CVSS · 7.7 AI score · 0.00267 EPSS
Exploits 0 · References 3
Positive Technologies
added 2017/03/30 12:00 a.m. · 1 views

PT-2017-2367 · Apache · Apache Tomcat

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 8.5.0 through 8.5.12; Apache Tomcat versions 9.0.0.M1 through 9.0.0.M18. Description: The refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed...

9.8 CVSS · 9.1 AI score · 0.06144 EPSS
Exploits 0 · References 39
NVD
added 2017/03/08 1:59 a.m. · 13 views

CVE-2017-0476

A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of an unprivileged...

7.8 CVSS · 7.6 AI score · 0.00315 EPSS
Exploits 0 · References 4
Veracode
added 2017/02/08 5:35 a.m. · 12 views

Denial Of Service (DoS)

FFmpeg is vulnerable to denial of service (DoS) attacks and possibly other attacks. A malicious user can pass a malicious AAC file to the system to cause an out-of-bounds array access that can cause the system to crash...

7.5 CVSS · 8.2 AI score · 0.00887 EPSS
Exploits 0 · References 5 · Affected Software 1
Ubuntu
added 2017/01/24 8:02 p.m. · 58 views

USN-3178-1: icoutils vulnerabilities

It was discovered that icoutils incorrectly handled memory when processing certain files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause icoutils to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8 CVSS · 7.1 AI score · 0.00683 EPSS
Exploits 0
Tenable Nessus
added 2017/01/18 12:00 a.m. · 63 views

GLSA-201701-42 : file: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201701-42 (file: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could entice a user or automated system to...

7.5 CVSS · 7.6 AI score · 0.08075 EPSS
Exploits 1 · References 5
Cvelist
added 2017/01/06 9:00 p.m. · 20 views

CVE-2016-4292

When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will use a static size to allocate a heap buffer yet explicitly trust a size from the file when modifying data inside of it. Due to this, an aggressor can corrupt memory outside the bounds...

7.9 AI score · 0.00429 EPSS
Exploits 2 · References 2
UbuntuCve
added 2016/11/25 4:59 p.m. · 12 views

CVE-2016-6701

A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the contex...

7.8 CVSS · 7.7 AI score · 0.00243 EPSS
Exploits 0 · References 2
OSV
added 2016/11/04 10:18 a.m. · 8 views

SUSE-SU-2016:2724-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumption, or potentially have unspecified further impact. - CVE-2016-8684: Mismatch between real filesi...

9.8 CVSS · 7.6 AI score · 0.0701 EPSS
Exploits 3 · References 51
Tenable Nessus
added 2016/10/12 12:00 a.m. · 15 views

FreeBSD : ImageMagick -- multiple vulnerabilities (10f7f782-901c-11e6-a590-14dae9d210b8)

Debian reports: Various memory handling problems and cases of missing or incomplete input sanitizing may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed...

5.6 AI score
Exploits 0 · References 2
Packet Storm
added 2016/09/09 12:00 a.m. · 26 views

WordPress 4.5.3 Cross Site Scripting

Persistent Cross-Site Scripting vulnerability in WordPress due to unsafe processing of file names. Han Sahin, July 2016...

7.4 AI score
Exploits 0
0day.today
added 2016/08/16 12:00 a.m. · 34 views

Microsoft Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Rea

Exploit for windows platform in category dos / poc function eventhandler1 CollectGarbage; function eventhandler5 try /FileReader/ var var00063 = new FileReader; catcherr //line 68 try /Blob/ var var00064 = new Blob; catcherr //line 69 try var00063.readAsDataURLvar00064; catcherr //line 70 iiThS9l...

7.6 CVSS · 7.5 AI score · 0.3408 EPSS
Exploits 1
OSV
added 2016/07/21 10:12 a.m. · 0 views

CVE-2016-3483

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and availability via vectors related to File Processing...

7.2 CVSS · 5.8 AI score
Exploits 0 · References 4
NVD
added 2016/07/21 10:12 a.m. · 16 views

CVE-2016-3483

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and availability via vectors related to File Processing...

7.2 CVSS · 6 AI score · 0.00637 EPSS
Exploits 0 · References 4
NVD
added 2016/07/21 10:12 a.m. · 16 views

CVE-2016-3478

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to File Processing...

6.1 CVSS · 5.2 AI score · 0.00342 EPSS
Exploits 0 · References 4
OSV
added 2016/07/21 10:12 a.m. · 1 views

CVE-2016-3478

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to File Processing...

6.1 CVSS · 5.8 AI score
Exploits 0 · References 4
Prion
added 2016/07/21 10:12 a.m. · 14 views

Design/Logic Flaw

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to File Processing...

4.3 CVSS · 6.1 AI score · 0.00342 EPSS
Exploits 0 · References 4 · Affected Software 1