22 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16612
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP...
RHEL 7 : libxcursor (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXcursor: file.c: heap-based buffer overflow when reading/creating images CVE-2017-16612 Note that Nessus has not...
RHEL 6 : libxcursor (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxcursor: 1-byte heap-based overflow in XcursorThemeInherits function in library.c CVE-2015-9262 -...
RHEL 5 : libxcursor (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxcursor: 1-byte heap-based overflow in XcursorThemeInherits function in library.c CVE-2015-9262 -...
RHEL 5 : libxcursor (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXcursor: file.c: heap-based buffer overflow when reading/creating images CVE-2017-16612 Note that Nessus has not...
Slackware: Security Advisory (SSA:2017-333-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libXcursor (EulerOS-SA-2018-1003)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for libXcursor FEDORA-2018-1c5dada34b
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3501-1: libxcursor vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that libxcursor incorrectly handled certain files. An attacker could use these issues to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code...
openSUSE Security Update : libXcursor (openSUSE-2018-196)
This update for libXcursor fixes the following issues : - CVE-2017-16612: It is possible to trigger heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments. boo1065386 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
SUSE SLES11 Security Update : xorg-x11-libs (SUSE-SU-2018:0246-1)
This update for xorg-x11-libs fixes several issues. These security issues were fixed : - CVE-2017-16612: Heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments bsc1065386. - CVE-2017-13720: Improper check for end of string in PatterMatch cause...
EulerOS 2.0 SP1 : libXcursor (EulerOS-SA-2018-1003)
According to the version of the libXcursor packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with...
Debian DSA-4059-1 : libxcursor - security update
It was discovered that libXcursor, a X cursor management library, is prone to several heap overflows when parsing malicious files. An attacker can take advantage of these flaws for arbitrary code execution, if a user is tricked into processing a specially crafted cursor file. %NASLMINLEVEL 70300 ...
[SECURITY] [DSA 4059-1] libxcursor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4059-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 08, 2017 https://www.debian.org/security/faq -...
MGASA-2017-0443 Updated libxcursor packages fix security vulnerability
Heap overflows when parsing malicious files. CVE-2017-16612...
Updated libxcursor packages fix security vulnerability
Heap overflows when parsing malicious files. CVE-2017-16612...
SUSE SLED12 / SLES12 Security Update : libXcursor (SUSE-SU-2017:3214-1)
This update for libXcursor fixes the following issues: Security issue fixed : - CVE-2017-16612: Fix integeroverflow while parsing images and a signedness issue while parsing comments bsc1065386. Note that Tenable Network Security has extracted the preceding description block directly from the SUS...
SUSE-SU-2017:3214-1 Security update for libXcursor
This update for libXcursor fixes the following issues: Security issue fixed: - CVE-2017-16612: Fix integeroverflow while parsing images and a signedness issue while parsing comments bsc1065386...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...