[SECURITY] Fedora 27 Update: mpg123-1.25.6-1.fc27

Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 most commonly MPEG 1.0 layer 3 aka MP3, as well as re-usable decoding and output libraries...

Adobe Acrobat Reader DC jpeg decoder Remote Code Execution Vulnerability(CVE-2017-2971)

Summary A use of uninitialized memory vulnerability exists in JPEG image file format decoding code of Adobe Acrobat Reader which ultimately leads to a heap-based buffer overflow which can be abused to achieve remote code execution. A specially crafted PDF file with an embedded JPEG can trigger th...

[SECURITY] Fedora 25 Update: mpg123-1.25.6-1.fc25

Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 most commonly MPEG 1.0 layer 3 aka MP3, as well as re-usable decoding and output libraries...

USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04...

[SECURITY] Fedora 26 Update: mpg123-1.25.6-1.fc26

Real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2 and 3 most commonly MPEG 1.0 layer 3 aka MP3, as well as re-usable decoding and output libraries...

UBUNTU-CVE-2015-6673

Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32...

CVE-2015-6673

Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32...

MP3Gain mpglibDBL buffer overflow vulnerability (CNVD-2017-33787)

MP3Gain is a MP3 file volume adjustment application. mpglibDBL is one of the MPEG file decoders. A buffer overflow vulnerability exists in the copymp of the interface.c file of mpglibDBL in MP3Gain. A remote attacker could exploit this vulnerability to cause a denial of service or possibly execut...

Ubuntu: Security Advisory (USN-3420-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3420-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-1 advisory. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3420-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3420-2 advisory. USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

USN-3420-2 linux-lts-xenial vulnerabilities

USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

USN-3420-1: Linux kernel vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the Flash-Friendly File System...

USN-3420-1 linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the Flash-Friendly File System...

USN-3415-1: tcpdump vulnerabilities

Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code. CVE-2017-11543 Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function...

USN-3415-1 tcpdump vulnerabilities

Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code. CVE-2017-11543 Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function...

CVE-2017-14272

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000595d."...

ALPINE-CVE-2017-14223

In libavformat/asfdecf.c in FFmpeg 3.3.3, a DoS in asfbuildsimpleindex due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would...

UBUNTU-CVE-2017-14223

In libavformat/asfdecf.c in FFmpeg 3.3.3, a DoS in asfbuildsimpleindex due to lack of an EOF End of File check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but does not contain sufficient backing data, is provided, the for loop would...