The vulnerability of Adobe Audition for Windows and macOS, related to recording beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS relates to recording beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...

The vulnerability of the Adobe Framemaker desktop publishing system arises from the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

The vulnerability of Adobe Audition for Windows and macOS, related to recording beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...

The vulnerability in the web-based administration interface of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 allows a malicious actor to cause device malfunctions or execute arbitrary code with root privileges.

The vulnerability in the web-based administration interface of Cisco Small Business RV320, Cisco Small Business RV325, Cisco Small Business RV016, Cisco Small Business RV042, and Cisco Small Business RV082 arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerabili...

The vulnerability of the PDF Reader component of the Microsoft Edge browser, which allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system’s PDF library, specifically Microsoft Edge browsers, arises due to an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created Microsoft...

The vulnerability of the HWP filter in the LibreOffice office software package allows a perpetrator to gain unauthorized access to confidential data, cause service failures, or compromise data integrity.

The vulnerability of the HWP filter in the LibreOffice office software package relates to the operation of the buffer data beyond its allowable limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service failures, or compromise data...

[slackware-security] libjpeg-turbo

New libjpeg-turbo packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libjpeg-turbo-2.0.5-i586-1slack14.2.txz: Upgraded. This update fixes bugs and a security issue: Fixed an issue in the PPM read...

RUSTSEC-2020-0167 `pnet_packet` buffer overrun in `set_payload` setters

As indicated by this issue, a buffer overrun is possible in the setpayload setter of the various mutable "Packet" struct setters. The offending setpayload functions were defined within the struct impl blocks in earlier versions of the package, and later by the packet macro. Fixed in the packet...

`pnet_packet` buffer overrun in `set_payload` setters

As indicated by this issue, a buffer overrun is possible in the setpayload setter of the various mutable "Packet" struct setters. The offending setpayload functions were defined within the struct impl blocks in earlier versions of the package, and later by the packet macro. Fixed in the packet...

The vulnerability of the OpenOffice office suite relates to the issue of operations occurring outside the buffer boundaries in memory. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the OpenOffice office suite is related to the issue of operations occurring outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and even cause service failures...

The vulnerability of the ChakraCore JavaScript script handler, related to the execution of operations beyond the buffer boundaries in memory, allows attackers to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the syntax analyzer and the YANG data modeling tool, Libyang, arises from writing beyond buffer boundaries in memory. This allows attackers to trigger service failures or execute arbitrary code.

The vulnerability of the syntax analyzer and the YANG data modeling language toolset lies in the writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

The vulnerability of the GIFLZWDecompressor function in the OpenOffice office package allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GIFLZWDecompressor function in the OpenOffice office package is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...

The vulnerability of the Microsoft JET Database Engine database driver on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft JET Database Engine database driver for the Windows operating system is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...

UBUNTU-CVE-2017-9103

An issue was discovered in adns before 1.5.2. papmailbox822 does not properly check st from adnsfindlabelnext. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling progra...

CVE-2017-9103

CVE-2017-9103 affects adns before 1.5.2. The issue: pap_mailbox822 does not properly check st from adns__findlabel_next, allowing an uninitialized stack value to be used as the first label length. This can cause a crash, memory leakage, excessive memory allocation, or buffer overruns, depending o...

DEBIAN-CVE-2017-9106

An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...

DEBIAN-CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

CVE-2017-9106

An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...