176 matches found
Security Bulletin: IBM i2 Analysts' Notebook and IBM i2 Analysts' Notebook Premium Memory vulnerabilities
Summary Multiple memory corruption vulnerabilities have been found in the IBM i2 Analysts' Notebook, and IBM i2 Analysts' Notebook Premium. Please see linked CVE's for details. Vulnerability Details CVEID: CVE-2020-4549 DESCRIPTION: IBM i2 Analyst's Notebook could allow a local attacker to execut...
RHEL 7 : ImageMagick (RHSA-2020:1180)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1180 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. The following...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execute arbitrary...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, as well as Adobe Acrobat 2017 and Adobe Acrobat Reader 2017, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a...
SUSE-SU-2020:0113-1 Security update for tigervnc
This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder bsc1159856. - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode bsc1160250. - CVE-2019-15693: Fixed a heap-based buffer overflow...
ERC.Net – A Toolset for Analyzing Windows Application Crashes
ERC.Net is a collection of tools designed to assist in analyzing and debugging Windows application crashes in order to identify potential security vulnerabilities. Supporting both 64 and 32 bit applications, ERC.Net has many use cases including parsing Windows file headers, identifying compile-ti...
USN-4145-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service system crash. CVE-2016-10905 It was discovered that the IPv6 implementation in the Linux kernel did not properly validate socket optio...
MGASA-2019-0146 Updated gpac packages fix security vulnerability
It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execu...
Multiple Memory Corruption Vulnerabilities in Mozilla Firefox ESR
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Firefox ESR is an extended support version of Firefox. Multiple memory corruption vulnerabilities exist in Mozilla Firefox ESR version 60.2. The vulnerabilities can be exploited by attackers to corrupt...
SUSE-SU-2018:1951-1 Security update for libopenmpt
This update for libopenmpt to version 0.3.9 fixes the following issues: These security issues were fixed: - CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when reading AMS files bsc1095644 - CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files containin...
Detecting Kernel Memory Disclosure – Whitepaper
Posted by Mateusz Jurczyk, Project Zero Since early 2017, we have been working on Bochspwn Reloaded – a piece of dynamic binary instrumentation built on top of the Bochs IA-32 software emulator, designed to identify memory disclosure vulnerabilities in operating system kernels. Over the course of...
FreeBSD : Git -- Fix memory out-of-bounds and remote code execution vulnerabilities (CVE-2018-11233 and CVE-2018-11235) (c7a135f4-66a4-11e8-9e63-3085a9a47796)
The Git community reports : - In affected versions of Git, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. - In affected versions of Git, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a...
SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2017:3378-1)
This update for ImageMagick fixes the following issues : - CVE-2017-14607: out of bounds read flaw related to ReadTIFFImagehas could possibly disclose potentially sensitive memory bsc1059778 - CVE-2017-11640: NULL pointer deref in WritePTIFImage in coders/tiff.c bsc1050632 - CVE-2017-14342: a...
SUSE-SU-2017:3300-1 Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP2)
This update for the Linux Kernel 4.4.74-9229 fixes several issues. The following security issues were fixed: - CVE-2017-1000405: Problematic use of pmdmkdirty in the touchpmd function allowed users to overwrite read-only huge pages e.g. the zero huge page and sealed shmem files bsc1070307. -...
CVE-2017-8279
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while updating msgmask information...
Updated libquicktime packages fix security vulnerabilities
A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed CVE-2017-9122. An invalid memory read in lqtframeduration via a crafted mp4 file was fixed CVE-2017-9123. A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed CVE-2017-9124. A DoS in...
SUSE SLED12 Security Update : zziplib (SUSE-SU-2017:1095-1)
This update for zziplib fixes the following issues: Secuirty issues fixed : - CVE-2017-5974: heap-based buffer overflow in zzipget32 fetch.c bsc1024517 - CVE-2017-5975: heap-based buffer overflow in zzipget64 fetch.c bsc1024528 - CVE-2017-5976: heap-based buffer overflow in zzipmementryextrablock...
MGASA-2016-0341 Updated libass packages fixes security vulnerabilities
Amount of memory allocated during memory reallocation in the shaper wasn't tracked, possibly resulting in undefined behavior CVE-2016-7972. Illegal read in Gaussian blur coefficient calculations CVE-2016-7970. Mode 0/3 line wrapping equalization in specific cases could result in illegal reads whi...
The vulnerability of the Firefox ESR browser allows a malicious individual to execute arbitrary code or trigger a service failure.
The Mozilla Firefox ESR browser contains numerous vulnerabilities related to memory-related errors. Exploiting these vulnerabilities allows a malicious individual to execute arbitrary code through a specially created website, cause service failures, or trigger an emergency shutdown of the...
The vulnerability of the Thunderbird email client, which allows a malicious individual to execute arbitrary code or trigger a service failure.
Mozilla Thunderbird email client contains numerous vulnerabilities related to memory-related errors. Exploiting these vulnerabilities allows a malicious individual to execute arbitrary code through a specially created website, cause service failures, or trigger an emergency shutdown of the...