1249 matches found
CVE-2017-13831
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image...
CVE-2017-13831
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image...
CVE-2017-13814
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted image file...
CVE-2017-13814
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted image file...
Memory corruption
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted image file...
Code injection
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image...
CVE-2017-13831
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information or cause a denial of service via a crafted image...
CVE-2017-13814
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted image file...
CVE-2017-13814
Summary: CVE-2017-13814 affects macOS pre-10.13.1, specifically the ImageIO component. A crafted image file may allow remote attackers to execute arbitrary code or cause a denial of service via memory corruption. The issue is described as a memory corruption with input validation concerns in Imag...
CVE-2017-13831
CVE-2017-13831 affects macOS before 10.13.1, in the ImageIO component, where processing a crafted image could lead to information disclosure or a denial of service. The vulnerability is cited in Apple’s macOS High Sierra 10.13.1 security updates and is addressed by updating to macOS 10.13.1 or la...
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004)
The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components : - 802.1X - apache - AppleScript - ATS - Audio - CFString - CoreText - curl - Dictionary Widget - file - Font...
Apple macOS High Sierra ImageIO Component Denial of Service Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers. imageIO is one of the static methods used to perform common image I/O operations. A denial of service vulnerability exists in the ImageIO component in Apple macOS High Sierra versions prior to 10.13.1....
About the security content of tvOS 11
About the security content of tvOS 11 This document describes the security content of tvOS 11. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2017-1207)
According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attack...
EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2017-1208)
According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attack...
Struts2 S2-052(CVE-2017-9805)remote code execution vulnerability bug research-vulnerability warning-the black bar safety net
Struts2 S2-052 remote code perform vulnerability bug and the previous Struts2 vulnerability bug there is a difference, S2-052 operating the Java deserialization cracks, rather than reputation notorious ognl in. The flaws of the trigger point is the REST plug-in to parse begged in the xml file, ca...
OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: ImageIO. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/x86_64 (20170807)
Security Fixes : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. CVE-2017-10102 - Multiple...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-869)
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. CVE-2017-10102 Multiple flaws were discovere...
OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: ImageIO. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...