CVE-2017-15019

LAME 3.99.5 has a NULL Pointer Dereference in the hipdecodeinit function within libmp3lame/mpglibinterface.c via a malformed mpg file, because of an incorrect calloc call...

CVE-2017-15019

LAME 3.99.5 has a NULL Pointer Dereference in the hipdecodeinit function within libmp3lame/mpglibinterface.c via a malformed mpg file, because of an incorrect calloc call...

CVE-2017-15019

CVE-2017-15019 affects LAME 3.99.5, where a NULL pointer dereference occurs in hip_decode_init in libmp3lame/mpglib_interface.c during processing of a malformed MPG file due to an incorrect calloc. Reported across multiple advisories and distributions, the issue is mitigated by upgrading to later...

PT-2017-13821 · Lame +3 · Lame +3

Name of the Vulnerable Software and Affected Versions: LAME version 3.99.5 Description: The issue is related to a NULL Pointer Dereference in the hip decode init function within libmp3lame/mpglib interface.c. This occurs when processing a malformed mpg file, due to an incorrect calloc call...

Apple iOS / macOS - NSKeyedArchiver Heap Corruption Due to Rounding Error in TIKeyboardLayout initWi

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1172 Using lldb inside a simple helloworld app for iOS we can see that there are over 600 classes which we could get deserialized for persistance for example. The TextInput...

CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

DEBIAN-CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

Null pointer dereference

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

CVE-2017-6298

CVE-2017-6298 affects ytnef/libytnef up to version 1.9.1, with multiple related issues including NULL pointer dereferences and heap/write errors in decoding winmail.dat attachments. Public docs show a core vulnerability pattern: NULL pointer dereference, out-of-bounds/heap-buffer issues from inco...

UBUNTU-CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

CVE-2017-6298

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."...

Red Hat Enterprise Linux glibc Denial of Service Vulnerability

Red Hat Enterprise Linux RHEL is a set of Linux operating systems maintained and distributed by Red Hat for business users. A security vulnerability exists in the 'calloc' function in the glibc package for Red Hat Enterprise Linux RHEL versions 6.7 and 7.2, which arises from a program that fails ...

Amazon Linux: Security Advisory (ALAS-2016-660)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: glibc

Issue Overview: It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes. Affected Packages: glibc Issue Correction: Run yum update glibc or yum update --advisory...

Oracle: Security Advisory (ELSA-2016-0176)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : glibc on SL7.x x86_64 (20160216)

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

CentOS Update for glibc CESA-2016:0176 centos7

Check the version of glibc SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882399";...

glibc: calloc may return non-zero memory

It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes...