CVE-2017-2991

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec related to decompression. Successful exploitation could lead to arbitrary code execution...

UBUNTU-CVE-2017-2991

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec related to decompression. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution...

UBUNTU-CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution...

CVE-2017-2990

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution...

Fedora 25 : gd (2017-bab5698540)

Version 2.2.4 - 2017-01-18 Security - gdImageCreate doesn't check for oversized images and as such is prone to DoS vulnerabilities. CVE-2016-9317 - double-free in gdImageWebPtr CVE-2016-6912 - potential unsigned underflow in gdinterpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx Fixed -...

Debian Security Advisory DSA 3768-1 (openjpeg2 - security update)

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. OpenVAS Vulnerability Test $Id: deb3768.nasl 6607 2017-07-07 12:04:25Z cfischer $...

CVE-2016-6581

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...

PowerDNS Recursor Label Decompression DoS Vulnerability (2015-01)

PowerDNS Recursor is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-6906

The readimagetga function in gdtga.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file, related to the decompression buffer...

Advantech SUSIAccess Server Directory Traversal Vulnerability

SUSIAccess is an easy-to-use remote device management software solution. A directory traversal vulnerability exists in Advantech SUSIAccess Server. An attacker can exploit the vulnerability to traverse files or upload and decompress zip files...

Decompression Bomb Testing

Decompression Bomb Testing A decompression bomb is a file designed to crash or render useless the program or system reading it, i.e. a denial of service. The files in this project can be used to test whether an application is vulnerable to this type of attack. A zip bomb, also known as a zip of...

USN-3090-1 Pillow vulnerabilities

It was discovered that a flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed, potentially leading to a denial of service. CVE-2014-9601 Andrew Drake discovered that Pillow incorrectly validated input. A remote attacker could use...

MGASA-2016-0318 Updated libarchive packages fix security vulnerability

The updated packages fix several security vulnerabilities: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with...

Adobe Flash - Video Decompression Memory Corruption Exploit

Exploit for multiple platform in category dos / poc...

Adobe Flash - Video Decompression Memory Corruption

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=857 The attached fuzz file causes memory corruption when decompressing embedded video content. Fixed in the September update Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40420.z...

libarchive: Heap buffer overflow in the Rar decompression functionality

A vulnerability was found in libarchive's handling of RAR archives. A specially crafted RAR file can cause a heap overflow, potentially leading to code execution in the context of the application...

libarchive: out of bounds heap read in RAR parser

A vulnerability was found in libarchive. A specially crafted RAR file could cause the application to read memory beyond the end of the decompression buffer...

Debian DSA-3665-1 : openjpeg2 - security update

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...