
4729 matches found

CVE
added 2015/03/09 12:0 a.m. | 80 views

CVE-2015-1227

The CVE-2015-1227 issue affects Google Chrome’s Blink rendering engine (DragImage::create in platform/DragImage.cpp). The root cause is uninitialized memory used for image drawing, as reported for Chrome versions prior to 41.0.2272.76. This memory initialization flaw could allow a remote attacker...

CVSS 7.5 | AI score 6 | EPSS 0.01018
Exploits 0 | References 8 | Affected Software 1
OSV
added 2015/03/08 12:0 a.m. | 0 views

UBUNTU-CVE-2015-1227

The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which t...

CVSS 7.5 | AI score 7.3 | EPSS 0.01018
Exploits 0 | References 7
UbuntuCve
added 2015/03/08 12:0 a.m. | 29 views

CVE-2015-1227

The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which t...

CVSS 7.5 | AI score 7.2 | EPSS 0.01018
Exploits 0 | References 6
RedHat Linux
added 2015/03/05 1:59 p.m. | 1 views

chromium-browser: Uninitialized value in blink

The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which t...

CVSS 7.5 | AI score 7.4 | EPSS 0.01018
Exploits 0 | References 5
OSV
added 2015/02/07 12:0 a.m. | 0 views

UBUNTU-CVE-2014-9655

The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif...

CVSS 6.5 | AI score 7 | EPSS 0.01105
Exploits 0 | References 7
Tenable Nessus
added 2015/02/06 12:0 a.m. | 36 views

openSUSE Security Update : vlc (openSUSE-SU-2015:0201-1)

vlc was updated to the current openSUSE Tumbleweed version. live555 was also updated to the current openSUSE Tumbleweed version as a dependency.
Security issues fixed:
- Fix various buffer overflows and null ptr dereferencing (boo914268, CVE-2014-9625).
Other fixes:
- Enable SSE2 instruction set...

CVSS 7.8 | AI score 7.1 | EPSS 0.01634
Exploits 0 | References 3
RedHat Linux
added 2015/02/05 7:34 p.m. | 3 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

CVSS 5 | AI score 6.6 | EPSS 0.05601
Exploits 0 | References 5
OSV
added 2015/01/27 8:4 p.m. | 1 views

UBUNTU-CVE-2015-1361

platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact...

CVSS 6.8 | AI score 7.4 | EPSS 0.0083
Exploits 0 | References 6
RedHat Linux
added 2015/01/26 6:10 p.m. | 3 views

OpenJDK: DER decoder infinite loop (Security, 8059485)

A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...

CVSS 5 | AI score 6.6 | EPSS 0.05601
Exploits 0 | References 5
RedHat Linux
added 2015/01/22 9:13 p.m. | 1 views

jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)

An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...

CVSS 6.8 | AI score 7 | EPSS 0.04918
Exploits 0 | References 5
CNVD
added 2015/01/22 12:0 a.m. | 1 views

FFmpeg 'vmd_decode' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'vmd_decode' function in the FFmpeg 'libavcodec/vmdvideo.c' file. As the program fails to validate the relationship between the length value and the...

CVSS 7.5 | AI score 6.8 | EPSS 0.00908
Exploits 0 | References 1
OSV
added 2015/01/16 12:0 a.m. | 0 views

UBUNTU-CVE-2014-9604

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2)...

CVSS 7.5 | AI score 7.4 | EPSS 0.00519
Exploits 0 | References 3
RedHat Linux
added 2015/01/07 5:17 p.m. | 3 views

glibc: crash in code page decoding functions (IBM933, IBM935, IBM937, IBM939, IBM1364)

An out-of-bounds read flaw was found in the way glibc's iconv function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv function with a specially crafted argument could use this flaw to crash that application...

CVSS 5 | AI score 7.2 | EPSS 0.07187
Exploits 1 | References 4
n0where
added 2014/12/27 5:46 a.m. | 31 views

Data Stream Encryption: ciphr

Data Stream Encryption: Ciphr is a CLI tool for performing and composing encoding, decoding, encryption, decryption, hashing, and other various operations on streams of data. It takes provided data, file data, or data from stdin, and executes a pipeline of functions on the data stream, writing the...

AI score 7.1
Exploits 0 | References 2
OSV
added 2014/12/09 11:59 p.m. | 6 views

CVE-2014-9317

The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file...

AI score 9.3
Exploits 0 | References 4
OSV
added 2014/12/09 11:59 p.m. | 1 views

DEBIAN-CVE-2014-9316

The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file...

CVSS 7.5 | AI score 7.2 | EPSS 0.00519
Exploits 0 | References 1
Tenable Nessus
added 2014/12/04 12:0 a.m. | 31 views

FreeBSD : mozilla -- multiple vulnerabilities (7ae61870-9dd2-4884-a2f2-f19bb5784d09)

The Mozilla Project reports: ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data. MFSA-2014-90: Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory. MFSA-2014-89: Bad casting from the BasicThebesLayer to BasicContainerLayer...

CVSS 7.5 | AI score 7.9 | EPSS 0.03635
Exploits 4 | References 20
Tenable Nessus
added 2014/11/26 12:0 a.m. | 18 views

OracleVM 2.1 : libxml2 (OVMSA-2009-0018)

The remote OracleVM system is missing necessary patches to address critical security updates:
- Add bug347316.patch to backport fix for bug347316 from upstream version
- Add libxml2-enterprise.patch and update logos in tarball
- Fix a couple of crash (CVE-2009-2414, CVE-2009-2416)
- Resolves:...

CVSS 10 | AI score 7.3 | EPSS 0.56626
Exploits 14 | References 9
Tenable Nessus
added 2014/11/26 12:0 a.m. | 31 views

OracleVM 2.1 : libtiff (OVMSA-2009-0027)

The remote OracleVM system is missing necessary patches to address critical security updates:
- Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347) Resolves: 507725
- Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Resolves: 507725
- Update upstream URL
- Use...

CVSS 9.3 | AI score 7.9 | EPSS 0.16784
Exploits 3 | References 4
OSV
added 2014/11/05 11:55 a.m. | 1 views

DEBIAN-CVE-2014-8541

libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via...

CVSS 7.5 | AI score 9 | EPSS 0.00712
Exploits 0 | References 1