252 matches found
Mozilla Firefox Security Advisory (MFSA2015-105) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla Firefox Security Advisory (MFSA2014-77) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla Firefox Security Advisory (MFSA2015-89) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Wonder Video Embed < 1.8 - Contributor+ Stored XSS
The plugin does not escape parameters of its wonderpluginvideo shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks. wonderpluginvideo iframe='youtube.com?v=dQw4w9WgXcQ" onload="alert1' videocss='animation-name:twentytwentyone-close-button-transition"...
Understanding Emerging Video Formats
In my previous post, we discussed two new image formats: High-Efficiency Image File HEIF and AV1 Image File AVIF. In this article, we'll take a closer look at two emerging video formats built on the same foundations. Akamai Image & Video Manager IVM already supports the key video codecs H.264,...
Alternatives to Animated GIFs
We have all been amused by animated GIFs on lots of websites -- dancing babies, cute cats, flying birds, funny memes, and countless others. Despite their popularity, animated GIFs can be very heavy and can contribute significantly to page performance issues. How significantly? We have seen...
Microsoft Windows WebM Video Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
libvpx security update
1.7.0-8 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Enable webm-io explicitly 1.7.0-7 - Fix for CVE-2019-9232, CVE-2019-9433, CVE-2019-9371, CVE-2019-2126 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Remove php-cli BR...
ALSA-2020:4629 Moderate: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double free in ParseContentEncodingEntry in mkvparser.cc CVE-2019-2126 libvpx: Out of bounds read in vp8nor...
RLSA-2020:4629 Moderate: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double free in ParseContentEncodingEntry in mkvparser.cc CVE-2019-2126 libvpx: Out of bounds read in vp8nor...
RHEL 7 : libvpx (RHSA-2020:3876)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3876 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimed...
Microsoft Windows WebM Video Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
USN-4431-1: FFmpeg vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected...
USN-4431-1 ffmpeg vulnerabilities
It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see:...
USN-4199-2: libvpx vulnerabilities
USN-4199-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted We...
USN-4199-2 libvpx vulnerabilities
USN-4199-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted We...
MGASA-2019-0369 Updated libvpx packages fix security vulnerabilities
Updated libvpx packages fix security vulnerabilities: It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary cod...
Updated libvpx packages fix security vulnerabilities
Updated libvpx packages fix security vulnerabilities: It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary cod...
Debian DSA-4578-1 : libvpx - security update
Multiple security issues were found in libvpx multimedia library which could result in denial of service and potentially the execution of arbitrary code if malformed WebM files are processed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
Ubuntu 16.04 LTS / 18.04 LTS : libvpx vulnerabilities (USN-4199-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4199-1 advisory. It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially...