PHP 5.6.x < 5.6.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

PHP 7.0.x < 7.0.5 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

PHP 5.5.x < 5.5.34 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.34. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

php -- multiple vulnerabilities

The PHP Group reports: Fileinfo: Fixed bug 71527 Buffer over-write in finfoopen with malformed magic file. mbstring: Fixed bug 71906 AddressSanitizer: negative-size-param -1 in mbflstrcut. Phar: Fixed bug 71860 Invalid memory write in phar on filename with \0 in name. SNMP: Fixed bug 71704...

Heap overflow

The needSamples method in AudioOutputSpeech.cpp in the client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots, Mumble for iOS 1.1 through 1.2.2, and MumbleKit before commit fd190328a9b24d37382b269a5674b0c0c7a7e36d does not check the return value of the opusdecodefloat function, which allows...

CVE-2014-0045

The needSamples method in AudioOutputSpeech.cpp in the client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots, Mumble for iOS 1.1 through 1.2.2, and MumbleKit before commit fd190328a9b24d37382b269a5674b0c0c7a7e36d does not check the return value of the opusdecodefloat function, which allows...

CVE-2014-0045

CVE-2014-0045 affects Mumble: in needSamples, the code path via opus_decode_float does not check the return value, allowing a crafted Opus voice packet to trigger a heap-based buffer over-read/over-write and a crash, potentially enabling arbitrary code execution. Affected: Mumble 1.2.4 and the 1....

Mandriva Linux Security Advisory : icedtea-web (MDVSA-2012:122)

Multiple vulnerabilities has been discovered and corrected in icedtea-web : An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the browser used,...

Mandriva Update for icedtea-web MDVSA-2012:122 (icedtea-web)

Check for the Version of icedtea-web OpenVAS Vulnerability Test Mandriva Update for icedtea-web MDVSA-2012:122 icedtea-web Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Several vulnerabilities found in IcedTea-Web

The IcedTea project team reports: CVE-2012-3422: Use of uninitialized instance pointers An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the...