Security update for php5 (important)

This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

openSUSE Security Update : gd (openSUSE-2016-1281)

This update for gd fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

Security update for gd (important)

This update for gd fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

ffmpeg: Stack-buffer-overflow in ff_htmlmarkup_to_ass

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6380176053108736 Target: ffmpeg Fuzzer: libFuzzerffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Fuzzer binary: ffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linu...

ffmpeg: Stack-buffer-overflow in ff_htmlmarkup_to_ass

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6380176053108736 Target: ffmpeg Fuzzer: libFuzzerffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Fuzzer binary: ffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow READ 1...

Stack overflow

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without...

CVE-2016-8812

CVE-2016-8812 affects NVIDIA Windows GPU drivers for NVIDIA Quadro/NVS/GeForce with GeForce Experience (GFE) R340 prior to 2.11.4.125 and R375 prior to 3.1.0.52. The issue is a kernel-mode stack buffer overflow in nvstreamkms.sys triggered by specially crafted executable paths, requiring GeForce ...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This...

pcre2: Stack-buffer-overflow in parse_regex

Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4804894724718592 Target: pcre2 Fuzzer: libFuzzerpcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7fe78b19ded0...

CVE-2016-9176

Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code...

The vulnerability of the Thunderbird email client, the Firefox browser, and the SeaMonkey software suite allows a perpetrator to cause a service failure or execute arbitrary code.

The vulnerability of the Thunderbird email client, the Firefox browser, and the SeaMonkey software suite is caused by a buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure memory corruption, application termination by...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9 Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=947 The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow: bool...

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2681-1)

This update for php53 fixes the following issues : - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 - CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf bsc1005274 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

SUSE-SU-2016:2683-2 Security update for php7

This update for php7 fixes the following security issue: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=946 There is a missing bounds check in inner loop of the escape handler for 0x7000014 that leads to a stack buffer overflow: ... for DWORD i = 0; numdata; ++i ... // size is...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=947 The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow: bool...

Rumba FTP Client 4.x - Remote Stack Buffer Overflow (SEH)

Rumba FTP Client 4.x - Remote Stack Buffer Overflow SEH Exploit Title: Rumba FTP 4.x Client Stackoverflow SEH Date: 29-10-2016 Exploit Author: Umit Aksu Vendor Homepage: http://community.microfocus.com/microfocus/mainframesolutions/rumba/w/knowledgebase/28731.rumba-ftp-4-x-security-update.aspx...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=947 The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow: bool escape10000e9NvMiniportDeviceContext a1, Escape10000e9 escape ... LOBYTEa9...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=946 There is a missing bounds check in inner loop of the escape handler for 0x7000014 that leads to a stack buffer overflow: ... for DWORD i = 0; numdata; ++i ... // size is user controlled. size = escape-datai.size; for DWORD j = ...

CVE-2016-8335

CVE-2016-8335 is an exploitable stack-based buffer overflow in Iceni Argus IPNameAdd(), triggered by unvalidated source strings copied via strcpy before length checks. Affects Iceni Argus 6.6.04 (Linux x64) and 6.6.04 (Windows x64). The vulnerability stems from a 255-byte destination buffer (dest...