7041 matches found
jasper: integer overflow in jpc_dec_process_siz()
Integer overflow in the jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure...
bind: assertion failure in DNSSEC validation
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
CVE-2017-3139
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
EulerOS 2.0 SP1 : bind (EulerOS-SA-2017-1077)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remo...
EulerOS 2.0 SP2 : bind (EulerOS-SA-2017-1078)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remo...
CVE-2017-8372
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...
Code injection
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...
CVE-2017-8372
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...
CVE-2017-8372
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...
CVE-2017-8372
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file...
PT-2017-18298 · Underbit Technologies +1 · Libmad +1
Name of the Vulnerable Software and Affected Versions: libmad version 0.15.1b Description: The issue allows remote attackers to cause a denial of service, resulting in an assertion failure and application exit, via a crafted audio file. This is related to the mad layer III function in layer3.c,...
EulerOS 2.0 SP1 : bind (EulerOS-SA-2017-1025)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this fla...
EulerOS 2.0 SP1 : squid (EulerOS-SA-2016-1056)
According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of...
libmad -- multiple vulnerabilities
National Vulnerability Database: CVE-2017-8372: The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file. CVE-2017-8373: The madlayerIII function ...
[ASA-201704-11] bind: denial of service
Arch Linux Security Advisory ASA-201704-11 ========================================== Severity: High Date : 2017-04-29 CVE-ID : CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-239 Summary ======= The package...
Amazon Linux AMI : bind (ALAS-2017-826)
A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. CVE-2017-3137 A denial ...
NetIQ Access Manager Cross-Site Scripting Vulnerability (CNVD-2017-06744)
NetIQ Access Manager provides a simple, secure, and scalable solution for handling Web access requirements. A cross-site scripting vulnerability exists in the AssertionConsumerServiceURL field of a signed AuthnRequest in the samlp:AuthnRequest document for NetIQ Access Manager. A remote attacker...
Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20170420)
Security Fixes : - A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
Amazon Linux AMI : GraphicsMagick (ALAS-2017-820)
The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service out-of-bounds read and application crash via a small samples per pixel value in a CMYKA TIFF file.CVE-2017-6335 The WPG format reader in GraphicsMagick 1.3.2...
CVE-2017-5183
NetIQ Access Manager 4.2.2 and 4.3.x before 4.3.1+, when configured as an Identity Server, has XSS in the AssertionConsumerServiceURL field of a signed AuthnRequest in a samlp:AuthnRequest document...