PT-2017-3889 · Freeware Advanced Audio Coder +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: FAAD2 version 2.7 Description: The issue is related to the mp4ff read mdhd function in the common/mp4ff/mp4atom.c file of the Freeware Advanced Audio Decoder 2 FAAD2. It is caused by a buffer overflow in memory, allowing an attacker to cause ...

CVE-2016-7534

The generic decoder in ImageMagick allows remote attackers to cause a denial of service out-of-bounds access via a crafted file...

CVE-2014-9847

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact...

CVE-2014-9847

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact...

Cisco NetFlow Generation Appliance SCTP decoder denial of service vulnerability

Cisco NetFlow Generation Appliance is the United States Cisco Cisco company's set of scalable for data centers to achieve traffic visibility solutions. A denial of service vulnerability exists in the processing of SCTP messages by the SCTP decoder in the Cisco NetFlow Generation Appliance. A remo...

JasPer 'jpc/jpc_dec.c' Denial of Service Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A denial of service vulnerability exists in JasPer. An attacker could exploit this vulnerability to cause a denial of service...

Fedora 24 : gstreamer1-plugins-good (2016-3a45d79132)

Add fix for gstreamer FLIC decoder vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability in the decoder/ih264dprocessintramb.c file of the Android operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or trigger a service failure memory corruption by using a specially...

The vulnerability of the Android operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the H.264 decoder in Android media servers relates to initialization errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely or cause a service failure memory corruption by using a specially crafted media file...

The vulnerability of the Android operating system allows a perpetrator to trigger a service failure or obtain confidential information from the process’s memory.

The vulnerability of the decoder/impeg2dbitstream.c file in the Android operating system is related to resource management errors. Exploiting this vulnerability can allow a remote attacker to obtain confidential information from the process’s memory or trigger a service failure memory overflow...

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The automation system of the enterprise 1C:Enterprise contains a vulnerability in the Fast Infoset decoder library for working with XML documents xml2.dll. A malicious individual, by manipulating input data, can set the Fast Infoset decoder to the DOCUMENTCHARACTERENCODINGSCHEME state processing...

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The 1C:Enterprise system contains a vulnerability in the Fast Infoset decoder of the xml2.dll library, which is used for working with XML documents. A malicious individual can manipulate input data, causing the Fast Infoset decoder to become in the EIIINDEXLARG state. This allows them to send an...

libtasn1: multiple boundary check issues

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service out-of-bounds read via crafted ASN.1 data...

CVE-2012-2135

The utf-16 decoder in Python 3.1 through 3.3 does not update the alignedend variable after calling the unicodedecodecallerrorhandler function, which allows remote attackers to obtain sensitive information process memory or cause a denial of service memory corruption and crash via unspecified...

DEBIAN-CVE-2012-0441

The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services NSS before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a...

JRE JPEG JFIF Decoder issue (6862969)

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...

PDF JBIG2 NULL dereference

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a NULL pointer dereference...

xpdf: Multiple integer overflows in JBIG2 decoder

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service crash via a crafted PDF file, related to 1 JBIG2Stream::readSymbolDictSeg, 2 JBIG2Stream::readSymbolDictSeg, and 3...

PDF JBIG2 MMR infinite loop DoS

The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service infinite loop and hang via a crafted PDF file...

CVE-2009-0846

The asn1decodegeneraltime function in lib/krb5/asn.1/asn1decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 aka krb5 before 1.6.4 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via vectors involving an invalid DER encoding that...