MGASA-2018-0432 Updated mbedtls packages fix security vulnerabilities

Updated mbedtls package fixes security vulnerabilities: Fixed a vulnerability in the TLS ciphersuites based on use of CBC and SHA-384 in DTLS/TLS 1.0 to 1.2, that allowed an active network attacker to partially recover the plaintext of messages under certains conditions by exploiting timing...

Updated mbedtls packages fix security vulnerabilities

Updated mbedtls package fixes security vulnerabilities: Fixed a vulnerability in the TLS ciphersuites based on use of CBC and SHA-384 in DTLS/TLS 1.0 to 1.2, that allowed an active network attacker to partially recover the plaintext of messages under certains conditions by exploiting timing...

Information Disclosure

libexif.so is vulnerable to information disclosure. A buffer overread and integer overflow occur when decoding pentax makernote entries of an input file, which discloses confidential information such as heap chunk metadata and applications' private data. It may also result in a denial of service...

UBUNTU-CVE-2016-2120

An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overfl...

binutils: Heap-base buffer over-read in dwarf.c:process_cu_tu_index() allows for denial of service via crafted file

processcutuindex in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted binary file, as demonstrated by readelf...

freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash

An out-of-bounds buffer overflow flaw was found in FreeType prior to version 2.6.1...

curl: Out-of-bounds heap read when missing RTSP headers allows information leak or denial of service

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have...

CVE-2018-17622

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Cesanta Mongoose buffer overread vulnerability (CNVD-2019-09626)

Mongoose is a cross-platform embedded Web server and networking libraries , its features include TCP, HTTP clients and servers , WebSocket clients and servers , MQTT clients and proxies and so on. A heap buffer over-read vulnerability exists in the MQTT packet parsing feature...

Cesanta Mongoose Buffer Over-Read Vulnerability

Mongoose is a cross-platform embedded Web server and networking libraries , its features include TCP, HTTP clients and servers , WebSocket clients and servers , MQTT clients and proxies and so on. A heap buffer over-read vulnerability exists in the MQTT packet parsing function parsemqtt getu16 ca...

CVE-2017-18294

While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD...

Design/Logic Flaw

While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD...

CVE-2017-18294

CVE-2017-18294 describes a buffer overread when reading the ELF header file class type on Qualcomm closed‑source components (e.g., SoCs in Snapdragon/SD lines). The root cause is a size check mismatch where the ELF file size is less than the ELF64 header, potentially enabling local code execution...

CVE-2017-18294

While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD...

Xpdf Denial of Service Vulnerability (CNVD-2019-17491)

Xpdf is Foo Labs developed an open source PDF reader , it supports decoding LZW compressed format files and read encrypted PDF files . Xpdf 4.00 version of the Object.h file in the 'Object::isName' function has a security vulnerability. A remote attacker can exploit this vulnerability with a...

CVE-2018-18224

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information...

UBUNTU-CVE-2018-18455

The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...

DEBIAN-CVE-2018-18456

The function Object::isName in Object.h called from Gfx::opSetFillColorN in Xpdf 4.00 allows remote attackers to cause a denial of service stack-based buffer over-read via a crafted pdf file, as demonstrated by pdftoppm...

PT-2018-14470 · Foolabs +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.00 Description: The issue allows remote attackers to cause a denial of service via a crafted pdf file. This is due to a stack-based buffer over-read in the function Object::isName in Object.h, which is called from...

ALPINE-CVE-2018-18409

A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call...