3202 matches found
Symantec Messaging Gateway < 10.6.2 RAR File Parser DoS Vulnerabilities
Symantec Messaging Gateway is prone to denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Out-of-bounds
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac;...
Memory corruption
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac;...
CVE-2016-5310
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac;...
NTP Privilege Escalation
Source: http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Introduction Problem description: The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as ro...
Out-of-bounds
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer...
CVE-2016-6906
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer...
CVE-2016-6906
CVE-2016-6906 affects the GD Graphics Library (libgd) read_image_tga in gd_tga.c, vulnerable before 2.2.4 due to an out-of-bounds read in the TGA decompression buffer when processing crafted images. This can cause denial of service; potential for remote impact is indicated in related advisories, ...
Adobe Flash - ATF Planar Decompression Heap Overflow
Adobe Flash - ATF Planar Decompression Heap Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1016 The attached file causes heap corruption when decompressing a planar block. To reproduce the issue, put both attached files on a server and visit:...
Adobe Flash Heap Overflow in ATF Planar Decompression (CVE-2017-2934)
The attached file causes heap corruption when decompressing a planar block. To reproduce the issue, put both attached files on a server and visit: http://127.0.0.1/LoadImage.swf?img=planar1.atf Attachment: planar1.atf LoadImage.swf...
Adobe Flash - ATF Planar Decompression Heap Overflow
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1016 The attached file causes heap corruption when decompressing a planar block. To reproduce the issue, put both attached files on a server and visit: http://127.0.0.1/LoadImage.swf?img=planar1.atf Proof of Concept:...
[SECURITY] Fedora 25 Update: suricata-3.2.1-1.fc25
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
[SECURITY] Fedora 24 Update: suricata-3.2.1-1.fc24
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
Iceni Argus PDF Inflate+LZW Decompression Heap-Based Buffer Overflow Vulnerability
Summary An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability in the Flash Player decompression program lies in the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code (memory corruption)...
The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code
The vulnerability in the H.264 codec, related to the decompression process of the Flash Player software platform, arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code (memory corruption) remotely...
CVE-2017-2991
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec related to decompression. Successful exploitation could lead to arbitrary code execution...
Memory corruption
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution...