CVE-2017-16374

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the JPEG 2000 module. An invalid JPEG 2000 inp...

CVE-2017-3112

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid out-of-range pointer offset during...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-36675)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because nm.c and objdump.c in GNU Binutils fail to proper...

PT-2017-14694 · I2P +1 · I2Pd +2

Name of the Vulnerable Software and Affected Versions: i2pd versions prior to 2.17 kovri versions prior to 2.17 pre-alpha implementations Description: The issue is related to the improper handling of Garlic DeliveryTypeTunnel packets in the I2P routing protocol, which allows remote attackers to...

DEBIAN-CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

UBUNTU-CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

FreeBSD-SA-17:11.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-17:11.openssl Security Advisory The FreeBSD Project Topic: OpenSSL multiple vulnerabilities Category: contrib Module: openssl Announced: 2017-11-29 Affects: All...

BSA-2017-455

Security Advisory ID : BSA-2017-455 Component : dnsmasq Revision : 2.0: Final An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the DNS code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash...

BSA-2017-454

Security Advisory ID : BSA-2017-454 Component : dnsmasq Revision : 2.0: Final An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configuration...

CVE-2017-11089

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation when user space application sends attribute NL80211ATTRLOCALMESHPOWERMODE with data of size less than 4 bytes...

DEBIAN-CVE-2017-11089

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation when user space application sends attribute NL80211ATTRLOCALMESHPOWERMODE with data of size less than 4 bytes...

CVE-2017-11090

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in wlanhddcfg80211setpmksa when user space application sends PMKID of size less than WLANPMKIDLEN bytes...

CVE-2017-11089

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation when user space application sends attribute NL80211ATTRLOCALMESHPOWERMODE with data of size less than 4 bytes...

CVE-2017-11090

CVE-2017-11090 involves a buffer overread in the WLAN PMKID handling path (__wlan_hdd_cfg80211_set_pmksa) when a PMKID shorter than WLAN_PMKID_LEN is provided. Affected platforms include Android for MSM, Firefox OS for MSM, QRD Android, and CAF-based Android builds using the Linux kernel. The roo...

CVE-2017-11089

CVE-2017-11089: A buffer overread in nl80211_set_station occurs when a user-space app sends NL80211_ATTR_LOCAL_MESH_POWER_MODE with data smaller than 4 bytes. Affected: Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel. Root cause and exact vendor-specific fixes a...

CVE-2017-11089

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation when user space application sends attribute NL80211ATTRLOCALMESHPOWERMODE with data of size less than 4 bytes...

CVE-2017-11089

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation when user space application sends attribute NL80211ATTRLOCALMESHPOWERMODE with data of size less than 4 bytes...

CVE-2017-11090

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in wlanhddcfg80211setpmksa when user space application sends PMKID of size less than WLANPMKIDLEN bytes...

expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences

The big2toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service application crash via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlo...

expat: buffer over-read and crash on XML with malformed UTF-8 sequences

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...