zlib: Out-of-bound pointer arithmetic in inftrees.c
A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic there violates the C standard: an offset is subtracted from an array pointer so that the result points before the start of the allocated memory, which is undefined behavior...
CVE-2017-8326
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c a...
Code injection
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c a...
[ASA-201704-10] libtiff: multiple issues
Arch Linux Security Advisory ASA-201704-10. Severity: Medium. Date: 2017-04-28. CVE-ID: CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602. Package :...
Debian DLA-909-1 : libcroco security update
CVE-2017-7960 A heap-based buffer over-read vulnerability could be triggered remotely via a crafted CSS file to cause a denial of service. CVE-2017-7961 An 'outside the range of representable values of type long' undefined behavior issue was found in libcroco, which might allow remote attackers t...
[SECURITY] [DLA 909-1] libcroco security update
Package : libcroco Version : 0.6.6-2+deb7u1 CVE ID : CVE-2017-7960 CVE-2017-7961 Debian Bug : 860961 CVE-2017-7960 A heap-based buffer over-read vulnerability could be triggered remotely via a crafted CSS file to cause a denial of service. CVE-2017-7961 An "outside the range of representable valu...
CVE-2017-7961
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...
ALPINE-CVE-2017-7961
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...
CVE-2017-7961
The CVE-2017-7961 issue affects libcroco up to version 0.6.12 (cr_tknzr_parse_rgb in cr-tknzr.c). The function may exhibit undefined behavior by converting a double RGB component to a long, potentially enabling denial of service (application crash) or other impact via a crafted CSS file. This is ...
PT-2017-18028 · Gnome +2 · Libcroco +2
Name of the Vulnerable Software and Affected Versions: libcroco versions 0.6.11 through 0.6.12. Description: The issue is related to an "outside the range of representable values of type long" undefined behavior in the cr_tknzr_parse_rgb function, which could potentially allow remote attackers to...
Undefined Behaviour Or Denial Of Service (DoS)
zziplib is vulnerable to undefined behavior or denial of service (DoS) attacks. The vulnerability exists because there is a flaw that causes the loading of a misaligned address in memdisk.c...
CVE-2017-7601
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...
CVE-2017-7597
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...
CVE-2017-7596
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...
CVE-2017-7592
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image...
Integer overflow
The Curve25519 code in botan before 1.11.31, on systems without a native 128-bit integer type, might allow attackers to have unspecified impact via vectors related to undefined behavior, as demonstrated on 32-bit ARM systems compiled by Clang...