CVE-2017-16392

Technical details for CVE-2017-16392 are not publicly available in the provided documents. Please monitor for updates from official advisories and vendor bulletins.

CVE-2017-16395

Adobe Acrobat/Reader suffers a vulnerability in the EMF image conversion module due to a buffer length mismatch when processing EMR_STRETCHDIBITS. This can allow arbitrary code execution if an attacker can control accessible memory. Affected versions include 2017.012.20098 and earlier (and other ...

CVE-2017-16392

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in the JPEG processin...

FreeBSD : cURL -- Multiple vulnerabilities (301a01b7-d50e-11e7-ac58-b499baebfeaf)

The cURL project reports : - NTLM buffer overflow via integer overflow CVE-2017-8816libcurl contains a buffer overrun flaw in the NTLM authentication code. The internal function Curlntlmcoremkntlmv2hash sums up the lengths of the user name + password = SUM and multiplies the sum by two = SIZE to...

CURL-CVE-2017-8818 SSL out of buffer access

libcurl contains an out boundary access flaw in SSL related code. When allocating memory for a connection the internal struct called connectdata, a certain amount of memory is allocated at the end of the struct to be used for SSL related structs. Those structs are used by the particular SSL libra...

CVE-2017-11023

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

Security feature bypass

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16385)

A buffer access vulnerability exists in Adobe Reader and Acrobat. The vulnerability is is caused by a buffer access with incorrect length value in TIFF parsing during XPS conversion. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

CVE-2017-11056

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault...

CVE-2017-11041

In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another...

CVE-2017-11041

In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another...

CVE-2017-11041

CVE-2017-11041 affects Qualcomm LibOmxVenc in Android CAF/Linux-kernel builds. The issue is listed as a remote-code-execution vulnerability (RCE) with Critical severity, arising from a buffer-management flaw that could allow exploitation via a specially crafted file. Android security bulletins fl...

CVE-2017-11041

In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another...

CVE-2017-7741

In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a segmentation violation with write memory access via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585...

Fedora 24 : 2:qemu (2017-12394e2cc7)

CVE-2016-6836: vmxnet: Information leakage in vmxnet3completepacket bz 1366370 - CVE-2016-7909: pcnet: Infinite loop in pcnetrdraaddr bz 1381196 - CVE-2016-7994: virtio-gpu: memory leak in resourcecreate2d bz 1382667 - CVE-2016-8577: 9pfs: host memory leakage in v9fsread bz 1383286 -...

Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read

Microsoft Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=685 The attached Proof-of-Concept crashes Windows 7 with special pool enabled on win32k.sys. The crash is due accessing memory past the end of a buffer. Pro...

FreeBSD : qemu, xen-tools -- QEMU heap overflow flaw with certain ATAPI commands (da451130-365d-11e5-a4a5-002590263bf5)

The Xen Project reports : A heap overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the...

OracleVM 3.3 : xen (OVMSA-2015-0067)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/traps: loop in the correct direction in compatiret This is XSA-136. CVE-2015-4164 - pcnet: force the buffer access to be in bounds during tx 4096 is the maximum length per TMD and it is also...

CentOS Update for kmod-kvm CESA-2015:1003 centos5

Check the version of kmod-kvm SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882193";...

F5 Networks BIG-IP : QEMU vulnerability (SOL16620) (Venom)

An out-of-bounds memory access flaw, also known as 'VENOM,' was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on th...