5956 matches found
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
DEBIAN-CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
Denial of service
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
CVE-2015-0295
CVE-2015-0295 affects the BMP decoding path in QtGui (Qt before 5.5). The BMP decoder fails to correctly calculate color masks, enabling a crafted BMP file to trigger a divide-by-zero and crash (remote denial of service). Connected sources (e.g., Qt/QtBase advisories and multiple Nessus entries) ...
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
CVE-2015-1779
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service memory and CPU consumption via a large 1 websocket payload or 2 HTTP headers section...
OracleVM 3.3 : openssl (OVMSA-2015-0039)
The remote OracleVM system is missing necessary patches to address critical security updates : - update fix for CVE-2015-0287 to what was released upstream - fix CVE-2015-0209 - potential use after free in d2iECPrivateKey - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix...
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
UBUNTU-CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...
openssl security update
1.0.1e-30.7 - update fix for CVE-2015-0287 to what was released upstream 1.0.1e-30.6 - fix CVE-2015-0209 - potential use after free in d2iECPrivateKey - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix...
MGASA-2015-0112 Updated libtiff packages fix security vulnerabilities
The libtiff image decoder library contains several issues that could cause the decoder to crash when reading crafted TIFF images CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-9655, CVE-2015-1547...
Updated libtiff packages fix security vulnerabilities
The libtiff image decoder library contains several issues that could cause the decoder to crash when reading crafted TIFF images CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-9655, CVE-2015-1547...
jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)
An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...
jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)
A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer such as Nautilus to crash or, potentially, execute arbitrary cod...
jasper: dec->numtiles off-by-one check in jpc_dec_process_sot() (oCERT-2015-001)
An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...
MGASA-2015-0105 Updated qt3, qt4 and qtbase5 packages fix security vulnerability
The builtin BMP decoder in QtGui prior to Qt 5.5 contained a bug that would lead to a divsion by zero when loading certain corrupt BMP files CVE-2015-0295. This in turn would cause the application loading these hand crafted BMPs to crash. Qt3, Qt4 and qtbase5 have been patched to prevent this...
Updated qt3, qt4 and qtbase5 packages fix security vulnerability
The builtin BMP decoder in QtGui prior to Qt 5.5 contained a bug that would lead to a divsion by zero when loading certain corrupt BMP files CVE-2015-0295. This in turn would cause the application loading these hand crafted BMPs to crash. Qt3, Qt4 and qtbase5 have been patched to prevent this...
Microsoft Windows Photo Decoder Sensitive Memory Information Disclosure Vulnerability
Microsoft Windows Photo Decoder is a picture decoding program. A security vulnerability in Microsoft Windows Photo Decoder's handling of PEG XR .JXR files allows attackers to exploit the vulnerability to construct malicious files that can be parsed by the user and can be used to obtain sensitive...