SUSE SLED12 / SLES12 Security Update : libqt5-qtbase (SUSE-SU-2015:1383-1)

This security update fixes the following issues : - Add libqt5-Fix-a-division-by-zero-processing-malformed-BMP.p atch - QTBUG-44547, bsc921999 CVE-2015-0295 - Add libqt5-Fixes-crash-in-bmp-and-ico-image-decoding.patch - bsc927806 CVE-2015-1858, bsc927807 CVE-2015-1859 - Add...

Mozilla: Buffer overflows on Libvpx when decoding WebM video (MFSA 2015-89)

Heap-based buffer overflow in the resizecontextbuffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data...

Mozilla: Buffer overflows on Libvpx when decoding WebM video (MFSA 2015-89)

The decreaserefcount function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read via malformed WebM video data...

wireshark security, bug fix, and enhancement update

1.8.10-17.0.2 - Fix ocfs2 dissector John Haxby orabug 21505640 1.8.10-17.0.1.el6 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.8.10-17 - security patches - Resolves: CVE-2015-2189 CVE-2015-2191 1.8.10-16 - security patches - Resolves: CVE-2014-8710 CVE-2014-8711...

UBUNTU-CVE-2015-1872

The ffmjpegdecodesof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...

gnutls -- double free in certificate DN decoding

gnutls.org reports: Kurt Roeckx reported that decoding a specific certificate with very long DistinguishedName DN entries leads to double free, which may result to a denial of service. Since the DN decoding occurs in almost all applications using certificates it is recommended to upgrade the late...

Fedora 22 : libwmf-0.2.8.4-45.fc22 (2015-10627)

CVE-2015-0848 heap overflow when decoding BMP images CVE-2015-4588 RLE decoding doesn't check that the 'count' fits into the image CVE-2015-4695 metapencreate heap buffer overflow CVE-2015-4696 wmf2gd/wmf2eps use after free Note that Tenable Network Security has extracted the preceding descriptio...

OvisLink AirLive IP Cameras WL-2000CAM and Airlive IP Cameras POE-200CAM Operating System Command Injection Vulnerability

OvisLink Airlive IP Cameras WL-2000CAM and Airlive IP Cameras POE-200CAM are both network camera products from OvisLink. An operating system command injection vulnerability exists in the /cgi-bin/mft/wirelessmft.cgi binary file in the OvisLink AirLive IP Cameras WL-2000CAM and Airlive IP Cameras...

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow', 'Description' = %q This module exploits a buffer overflow on Ado...

Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow', 'Description' = %q This module exploits a buffer overflow on Adobe...

Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow

This module exploits a buffer overflow on Adobe Flash Player when handling nellymoser encoded audio inside a FLV video, as exploited in the wild on June 2015. This module has been tested successfully on: Windows 7 SP1 32-bit, IE11 and Adobe Flash 18.0.0.160, Windows 7 SP1 32-bit, Firefox 38.0.5 a...

[SECURITY] [DLA 253-1] libwmf security update

Package : libwmf Version : 0.2.8.4-6.2+deb6u1 CVE ID : CVE-2015-0848 CVE-2015-4588 Debian Bug : 787644 The following vulnerabilities were discovered in the Windows Metafile conversion library when reading BMP images embedded into WMF files: CVE-2015-0848 A heap overflow when decoding embedded BMP...

Debian DLA-253-1 : libwmf security update

The following vulnerabilities were discovered in the Windows Metafile conversion library when reading BMP images embedded into WMF files : CVE-2015-0848 A heap overflow when decoding embedded BMP images that don't use 8 bits per pixel. CVE-2015-4588 A missing check in the RLE decoding of embedded...

Slack: Link vulnerability leads to phishing attacks

Hello Guys, Hope you are doing great. I'm sending this email to let you know about a vulnerability i stumbled upon while using slack it's a great app!. While copy-pasting a link from a pdf to slack desktop/web, i noticed that the resulting links looked a bit messed up 1.png Firing up burp and...

UBUNTU-CVE-2013-1753

The gzipdecode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service memory consumption via a crafted HTTP request...

SUSE-SU-2015:1383-1 Security update for libqt5-qtbase

This security update fixes the following issues: Add libqt5-Fix-a-division-by-zero-processing-malformed-BMP.patch - QTBUG-44547, bsc921999 CVE-2015-0295 Add libqt5-Fixes-crash-in-bmp-and-ico-image-decoding.patch - bsc927806 CVE-2015-1858, bsc927807 CVE-2015-1859 Add...

Mozilla Firefox Conditional Contested Memory Misreference Vulnerability

Mozilla Firefox is a popular open source WEB browser. Mozilla Firefox's creation of a media decoding thread in the shutdown process can lead to a race condition vulnerability that can lead to memory misreferences, which allows remote attackers to exploit the vulnerability to build malicious WEB...

GNU Libtasn1 'decoding.c' Heap Buffer Overflow Vulnerability

GNU Libtasn1 is a stand-alone library written in C for manipulating ASN.1 objects that include DER/BER encoding and decoding. A heap buffer overflow vulnerability exists in the asn1extractderoctet function of GNU Libtasn1 lib/decoding.c. A remote attacker could cause a denial of service by...

Design/Logic Flaw

The asn1extractderoctet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service out-of-bounds heap read via a crafted certificate...

Mandriva Linux Security Advisory : libtasn1 (MDVSA-2015:232)

Updated libtasn1 packages fix security vulnerability : A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...