2040 matches found
CVE-2016-6850
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. SVG files can be used as profile pictures. In case their XML structure contains iframes and script code, that code may get executed when calling the related picture URL or viewing the related person's image within a browser...
CVE-2016-6847
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. SVG files can be used as mp3 album covers. In case their XML structure contains script code, that code may get executed when calling the related cover URL. Malicious script code can be executed within a user's context. This c...
DEBIAN-CVE-2016-6628
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...
UBUNTU-CVE-2016-6628
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...
chromium-browser: universal xss in blink
Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page...
Google Chrome SVG Same-Origin Bypass Vulnerability
Google Chrome is a web browser developed by the American company Google. A same-origin bypass vulnerability exists in Google Chrome SVG. An attacker can exploit this vulnerability to bypass the same-origin policy...
UCanCode - Multiple Vulnerabilities
UCanCode - Multiple Vulnerabilities UCanCode multiple vulnerabilities Url: http://www.hmi-software.com/ http://www.ucancode.net/index.htm http://www.ucancode.net/bbs/zhuce/login.htm Description: From vendor's web page "UCanCode Software is a Market Leading provider of HMI & SCADA, CAD, UML, GIS,...
UCanCode - Multiple Vulnerabilities
Exploit for windows platform in category dos / poc UCanCode multiple vulnerabilities Url: http://www.hmi-software.com/ http://www.ucancode.net/index.htm http://www.ucancode.net/bbs/zhuce/login.htm Description: From vendor's web page "UCanCode Software is a Market Leading provider of HMI & SCADA,...
The vulnerabilities of the Mozilla Firefox browser, the GNOME Eye of GNOME (eog) image viewer for the GNOME desktop environment, the GNOME Evince PDF viewer, and the GIMP graphic editor allow a hacker to trigger a denial-of-service attack.
The vulnerabilities of the Mozilla Firefox browser, the GNOME Eye of GNOME (eog) image viewer for the GNOME desktop environment, the GNOME Evince PDF viewer, and the GIMP graphic editor are related to code errors. Exploiting these vulnerabilities can allow an attacker to remotely cause service...
Debian DLA-621-1 : autotrace security update
Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array. For Debian 7 'Wheezy', this problem has been fixed in version 0.31.1-16+deb7u1...
[SECURITY] [DLA 621-1] autotrace security update
Package : autotrace Version : 0.31.1-16+deb7u1 CVE ID : CVE-2016-7392 Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array. For Debia...
DLA-621-1 autotrace - security update
Bulletin has no description...
The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure or execute arbitrary code.
The vulnerability of the nsNodeUtils::NativeAnonymousChildListChange function in Firefox and Firefox ESR browsers is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure (memory corruption) by using a...
Mozilla: Buffer overflow rendering SVG with bidirectional content (MFSA 2016-64)
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document...
UBUNTU-CVE-2016-2838
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document...
UBUNTU-CVE-2016-4583
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image data from an unintended web site via a timing attack involving an SVG document...
A vulnerability in Thunderbird software allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information.
A use-after-free in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox, Firefox ESR, and Thunderbird allows malicious actors operating remotely to execute arbitrary code or cause service failures (errors when working with dynamic memory) through SVG animations th...
A vulnerability in the Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information.
A use-after-free in the SVG implementation in Blink for Google Chrome allows malicious actors operating remotely to trigger service failures or otherwise affect the system by leveraging incorrect caching related to animations...
A vulnerability in the Thunderbird email client allows a malicious individual to gain access to confidential information
The Thunderbird email client contains a vulnerability related to errors in the implementation of the SVG filter. This vulnerability allows a malicious actor to gain access to confidential information about displacement and correlations, as well as to circumvent domain restriction policies. The...
ImageMagick: SVG converting issue resulting in DoS
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file...