397 matches found
DEBIAN-CVE-2017-7586
In libsndfile before 1.0.28, an error in the "header_read" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...
Mozilla Firefox HTTP Parsing Vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. An HTTP parsing vulnerability exists in Mozilla Firefox, where an out-of-bounds read error occurs when parsing some HTTP digest...
DEBIAN-CVE-2016-6906
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer...
MS17-014: Security Update for Microsoft Office (4013241) (macOS)
The Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist in Microsoft Office software due to improper handling of objects in memory...
MS17-014: Security Update for Microsoft Office (4013241)
The Microsoft Office application, Office Web Apps, or SharePoint Server installed on the remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist in Microsoft Office software due to improper...
PHP 7.0.x < 7.0.15 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.15. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists due to a use-after-free error in the unserialize function that is triggered when usin...
shopify-scripts: SIGSEGV mrb_obj_freeze() Manipulating Register RAX and RSI
There is an invalid memory read on mruby when calling to mrb_obj_freeze with an invalid "Struct RBasic" which causes a SIGSEGV and leads to denial of service or remote. The following code triggers the bug attached as mrbobjfreeze.rb: o=0x30303030.freeze Crash --------------------- Here we can see th...
MS16-148: Security Update for Microsoft Office (3204068)
The Microsoft Office application or Microsoft Office Services and Web Apps installed on the remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An arbitrary command execution vulnerability exists in Microsoft Office due to improper validati...
ImageMagick 7.x < 7.0.3-9 ReadSGIImage() SGI File Handling DoS
The version of ImageMagick installed on the remote Windows host is 7.x prior to 7.0.3-9. It is, therefore, affected by a denial of service vulnerability due to an out-of-bounds read error in the ReadSGIImage function within file coders/sgi.c when handling iris info dimensions. An unauthenticated,...
DEBIAN-CVE-2016-3633
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable...
Symantec Endpoint Protection Client 12.1.x < 12.1.6 MP6 Multiple DoS (SYM16-015)
The version of Symantec Endpoint Protection (SEP) Client installed on the remote Windows host is 12.1.x prior to 12.1.6 MP6 or else 12.1.6 MP5 without a hotfix. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in the decomposer...
Wireshark 2.0.x < 2.0.6 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.6 advisory. - epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not...
Oracle VM VirtualBox < 5.0.22 Multiple Vulnerabilities (July 2016 CPU)
The Oracle VM VirtualBox application installed on the remote host is a version prior to 5.0.22. It is, therefore, affected by multiple vulnerabilities in the bundled OpenSSL component : - A heap buffer overflow condition exists in the EVP_EncodeUpdate function within file crypto/evp/encode.c that ...
The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures
The server processes agent.exe, rmngr.exe, and rhost.exe of the enterprise automation system 1C:Enterprise use the same module rtrsrvc.dll for working with TCP connections. A specially crafted TCP packet leads to an initialization error, which in turn causes incorrect memory reading at the zero...
Google Chrome < 51.0.2704.79 Multiple Vulnerabilities
7Zip UDF CInArchive::ReadFileItem Code Execution Vulnerability
7Zip is prone to a code execution vulnerability. CPE: cpe:/a:7-zip:7-zip
ImageMagick 'ContrastStretchImage()' Buffer Overflow Vulnerability - Mac OS X
ImageMagick is prone to a buffer overflow vulnerability. CPE: cpe:/a:imagemagick:imagemagick
Google Chrome < 51.0.2704.79 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 51.0.2704.79. It is, therefore, affected by multiple vulnerabilities as referenced in the 201606stable-channel-update advisory. - Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers t...
PHP 7.0.x < 7.0.7 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.7. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in the _gdContributionsCalc function within file ext/gd/libgd/gd_interpolation.c. An unauthenticated,...
PHP 5.6.x < 5.6.22 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.22. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists in the _gdContributionsCalc function within file ext/gd/libgd/gd_interpolation.c. An unauthenticated,...