6905 matches found
MGASA-2019-0193 Updated thunderbird packages fix security vulnerabilities
The updated thunderbird packages fix some bugs and security vulnerabilities: Heap buffer overflow in icalparser.c. CVE-2019-11703 Heap buffer overflow in icalvalue.c. CVE-2019-11704 Stack buffer overflow in icalrecur.c. CVE-2019-11705 Type confusion in icalproperty.c. CVE-2019-11706...
openthread/radio-receive-done-fuzzer: Stack-buffer-overflow in ot::Message::Write
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5759171934289920 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Cra...
openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::MeshCoP::DatasetManager::HandleSet
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5683612520808448 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...
curl: NTLMv2 type-3 header stack buffer overflow
A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash...
Mozilla Thunderbird < 60.7.1
The version of Thunderbird installed on the remote Windows host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when...
Mozilla Thunderbird < 60.7.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 60.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-17 advisory. - A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules...
ffmpeg/ffmpeg_DEMUXER_fuzzer: Stack-buffer-overflow in get_v
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5658245101780992 Project: ffmpeg Fuzzer: libFuzzerffmpegDEMUXERfuzzer Fuzz target binary: ffmpegDEMUXERfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Cra...
imagemagick/encoder_heic_fuzzer: Stack-buffer-overflow in std::__1::shared_ptr<heif::HeifPixelImage>::~shared_ptr
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5638446846050304 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderheicfuzzer Fuzz target binary: encoderheicfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
CVE-2019-11705
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
[ASA-201906-10] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201906-10 ========================================== Severity: High Date : 2019-06-14 CVE-ID : CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-980 Summa...
Foxit PDF SDK ActiveX < 5.5.1 Multiple Vulnerabilities
According to its version, the Foxit PDF SDK ActiveX application installed on the remote Windows host is prior to 5.5.1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists due to a lack of security permission control which could allow LaunchURL...
Mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2019-11703: Heap buffer overflow in icalparser.c A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. CVE-2019-11704: Heap buffer...
Security vulnerabilities fixed in Thunderbird 60.7.1 — Mozilla
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4670)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4670 advisory. - Bluetooth: Verify that l2capgetconfopt provides large enough buffer Marcel Holtmann Orabug: 29526426 CVE-2019-3459 - Bluetooth: Check L2CAP optio...
gdal/gdal_fuzzer: Stack-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5104504850087936 Project: gdal Fuzzer: libFuzzergdalfuzzer Fuzz target binary: gdalfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7f60356ed3...
CVE-2019-5391
A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...
Stack overflow
A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...
CVE-2019-5391
A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...
CVE-2019-5391
CVE-2019-5391 is a stack-based buffer overflow vulnerability in HPE Intelligent Management Center (IMC) Platform, present in IMC PLAT versions earlier than 7.3 E0506P09. Multiple connected sources (including Red Hat, CNVD, CVE records) describe it consistently as a stack overflow issue affecting ...
Stack overflow
A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25...