CVE-2017-0722

A remote code execution vulnerability in the Android media framework h263 decoder. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37660827...

CVE-2017-0730

CVE-2017-0730 is described as a denial-of-service in the Android media framework h264 decoder affecting Android 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2. The connected CNVD entry reiterates a DoS in the Media framework h264 decoder, but the provided documents do not specify the root cause, affected file...

Advantech WebAccess RtspVapgDecoderNew2 SetLangStringHex Out-of-Scope Access Remote Code Execution Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. The lack of proper validation of user-supplied data leads ...

Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Height Stack Buffer Overflow Remote Code Execution Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D ha...

UBUNTU-CVE-2017-12601

OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...

DEBIAN-CVE-2017-12601

OpenCV Open Source Computer Vision Library through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case...

python security and bug fix update

2.7.5-58.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-58 - Set stream to None in case an open fails. Resolves: rhbz1432003 2.7.5-57 - Fix implicit declaration warnings of functions added by patches 147 and 265 Resolves: rhbz1441237 2.7.5-56 - Fix shutil.makearchive...

OpenCV Buffer Overflow Vulnerability (CNVD-2017-24177)

OpenCV is an open source, cross-platform, lightweight computer vision library. A buffer overflow vulnerability exists in the 'cv::BmpDecoder::readData' function in the modules/imgcodecs/src/grfmtbmp.cpp file in OpenCV 3.3 and earlier. An attacker could use this vulnerability to cause a denial of...

DEBIAN-CVE-2017-12429

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service...

libmad 'mad_decoder_run' function denial of service vulnerability

libmad is an open source MPEG audio decoding library that provides 24-bit PCM output for platforms without floating point support. A security vulnerability exists in the 'maddecoderrun' function of the decoder.c file in libmad version 0.15.1b. A remote attacker can exploit this vulnerability to...

gstreamer: Invalid memory read in g_type_check_instance_is_fundamentally_a

The gstdecodechainfreeinternal function in the flxdex decoder in gst-plugins-good in GStreamer before 1.10.2 allows remote attackers to cause a denial of service invalid memory read and crash via an invalid file, which triggers an incorrect unref call...

libmad 0.15.1b - 'mp3' Memory Corruption

libmad memory corruption vulnerability ================ Author : qflb.wu =============== Introduction: ============= libmad is a high-quality MPEG audio decoder capable of 24-bit output. Affected version: ===== 0.15.1b Vulnerability Description: ========================== the maddecoderrun functi...

libmad 0.15.1b - mp3 Memory Corruption

libmad 0.15.1b - mp3 Memory Corruption libmad memory corruption vulnerability ================ Author : qflb.wu =============== Introduction: ============= libmad is a high-quality MPEG audio decoder capable of 24-bit output. Affected version: ===== 0.15.1b Vulnerability Description:...

libmad 0.15.1b - mp3 Memory Corruption Exploit

Exploit for linux platform in category dos / poc libmad memory corruption vulnerability ================ Author : qflb.wu =============== Introduction: ============= libmad is a high-quality MPEG audio decoder capable of 24-bit output. Affected version: ===== 0.15.1b Vulnerability Description:...

CVE-2017-0719

A remote code execution vulnerability in the Android media framework mpeg2 decoder. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673...

MGASA-2017-0227 Updated gdk-pixbuf2.0 packages fix security vulnerability

The gdk-pixbuf2.0 package has been updated to version 2.36.7, which fixes integer overflows in the ico, bmp, and tiff decoder, as well as fixing other bugs...

UBUNTU-CVE-2017-11399

Integer overflow in the apedecodeframe function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access and application crash or possibly have unspecified other impact via a crafted APE file...

Updated jbig2dec packages fix security vulnerability

Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file usually embedded in a PDF document is opened CVE-2016-9601. Artifex jbig2dec has a heap-based buffer over-read leading to...

MGASA-2017-0206 Updated jbig2dec packages fix security vulnerability

Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file usually embedded in a PDF document is opened CVE-2016-9601. Artifex jbig2dec has a heap-based buffer over-read leading to...

openSUSE Security Update : GraphicsMagick (openSUSE-2017-781)

This update for GraphicsMagick fixes the following issues : - CVE-2017-8350: an additional fix for a denial of service memory leak in the JNG decoder was done. boo1036985 c13-c21 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...