[SECURITY] [DLA 883-1] curl security update

Package : curl Version : 7.26.0-1+wheezy18+deb7u1 CVE ID : CVE-2017-7407 It was discovered that there was a buffer read overrun vulnerability in curl, a tool for downloading files from the internet, etc. If a "%" ended the --write-out parameter, the strings trailing NUL would be skipped and memor...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows Graphics component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

The vulnerability of the Cisco NX-OS network operating system, which runs on Cisco Nexus 9000 Series switches, allows a malicious actor to initiate unauthorized processes on the system.

The vulnerability of the remote input function in the network operating system of Cisco NX-OS, which operates on Cisco Nexus 9000 Series switches, arises due to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to initiate unauthorized input...

Microsoft Edge browser vulnerability, allowing a hacker to execute arbitrary code

The vulnerability of Microsoft Edge arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

[SECURITY] [DLA 880-1] tiff3 security update

Package : tiff3 Version : 3.9.6-11+deb7u4 CVE ID : CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 tiff3 is affected by multiple issues that can result at least in denial of services of applications using libtiff4. Crafted TIFF files can be provid...

The vulnerability of the Windows operating system and the Microsoft Edge browser allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system’s PDF library, specifically Microsoft Edge browsers, arises due to an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created Microsoft...

chicken -- multiple vulnerabilities

CHICKEN reports: CVE-2017-6949: Unchecked malloc call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault CVE-2017-9334: "length" crashes on improper lists CVE-2017-11343: The randomization factor of the symbol table was set before...

Vulnerabilities of operating systems such as Mac OS X and iOS, allowing attackers to execute arbitrary code or cause system failures

The vulnerability of the Audio component in Mac OS X and iOS operating systems arises from the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption, application terminatio...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the FFmpeg component in Google Chrome browsers arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service interruptions through the use of a specially created video file...

The vulnerabilities in operating systems such as Mac OS X and iOS allow attackers to trigger service failures or execute arbitrary code.

The vulnerability of the CoreGraphics component in Mac OS X and iOS operating systems arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption,...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the ImageIO component in the Mac OS X operating system arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure e.g., termination of the...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the ImageIO component in the Mac OS X operating system arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure termination of the application by using a...

PT-2017-9655 · Iceni · Iceni Argus

Name of the Vulnerable Software and Affected Versions: Iceni Argus affected versions not specified Description: An integer-overflow issue exists when Iceni Argus attempts to convert a malformed PDF to XML. The application tries to convert each character from a font into a polygon and then rasteri...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption during the execution of “junk” files...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability in the Flash Video FLV file format of the Flash Player software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...