Medium: php71, php72, php73

Issue Overview: Function iconvmimedecodeheaders in PHP may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.CVE-2019-11039 When using gdImageCreateFromXbm function of PHP gd extension, it is possible to supply data that...

CVE-2019-11039

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

CVE-2019-11039

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

Integer overflow

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

UBUNTU-CVE-2019-1787

A vulnerability in the Portable Document Format PDF scanning functionality of Clam AntiVirus ClamAV Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of proper da...

Design/Logic Flaw

It was discovered the fix for CVE-2018-19758 libsndfile was not complete and still allows a read beyond the limits of a buffer in wavwriteheader function in wav.c. A local attacker may use this flaw to make the application crash...

CVE-2018-14745

CVE-2018-14745 affects the bcmdhd4358 Wi‑Fi driver in the Samsung Galaxy S6 (SM-G920F). The flaw is a buffer overflow in prot_get_ring_space caused by improper validation of the ring buffer read pointer, enabling an attacker who already has code execution on the Wi‑Fi chip to overwrite kernel mem...

CVE-2019-9748

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...

CVE-2019-3832

It was discovered the fix for CVE-2018-19758 was not complete and still allows a read beyond the limits of a buffer in wavwriteheader function in wav.c. A local attacker may use this flaw to make the application crash...

FreeBSD : curl -- multiple vulnerabilities (714b033a-2b09-11e9-8bc3-610fd6e6cd05)

curl security problems : CVE-2018-16890: NTLM type-2 out-of-bounds buffer read libcurl contains a heap buffer out-of-bounds read flaw. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer...

Debian DSA-4386-1 : curl - security update

Multiple vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2018-16890 Wenxiang Qian of Tencent Blade Team discovered that the function handling incoming NTLM type-2 messages does not validate incoming data correctly and is subject to an integer overflow vulnerability, which...

[SECURITY] [DSA 4386-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4386-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini February 06, 2019 https://www.debian.org/security/faq -...

Integer overflow

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that...

CURL-CVE-2018-16890 NTLM type-2 out-of-bounds buffer read

libcurl contains a heap buffer out-of-bounds read flaw. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server...

Debian: Security Advisory (DSA-4386-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in X.Org libs

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libs. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in X.Org libs. Vulnerability Details CVEID: CVE-2016-7953 Description: X.Org...

Denial Of Service

PostgreSQL is vulnerable to denial of service DoS attack. The attack exists because of failure to have proper the enumrecv function declaration in backend/utils/adt/enum.c causes an array index error, leading to a heap-based out-of-bounds buffer read flaw. Therefore, an unprivileged database user...

SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0868-1)

PHP was updated to fix ten security issues. The following vulnerabilities were fixed : - CVE-2014-9709: A specially crafted GIF file could cause a buffer read overflow in php-gd bnc923946 - CVE-2015-2301: Memory was use after it was freed in PHAR bnc922022 - CVE-2015-2305: heap overflow...

Bento4 Buffer Out-of-Bounds Read Vulnerability (CNVD-2019-07056)

Bento4 is an open source C++ library for reading and writing MP4 files. A heap buffer out-of-bounds read vulnerability exists in the 'AP4AvccAtom::Create' function of the Core/Ap4AvccAtom.cpp file in Bento4 version 1.5.1-627, which can be exploited by an attacker to cause a denial of service...