UBUNTU-CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service crash via crafted BER data, which leads to a buffer overflow...

UBUNTU-CVE-2016-3078

Multiple integer overflows in phpzip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted call to 1 getFromIndex or 2 getFromName in the ZipArchive...

libksba: Multiple vulnerabilities

Background Libksba is a X.509 and CMS PKCS7 library. Description libksba is vulnerable to two integer overflows and a Denial of Service vulnerability. Please read the references for additional details. Impact Remote attackers could cause Denial of Service or unspecified other vectors through...

CVE-2016-4073

Multiple integer overflows in the mbflstrcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted mbstrcut call...

VLC Media Player < 2.2.2 Multiple Vulnerabilities

Binary data 9267.prm...

CVE-2016-0849

Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...

CVE-2016-0849

Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...

Multiple vulnerabilities in OpenSSL affect AIX

IBM SECURITY ADVISORY First Issued: Mon Apr 4 11:04:25 CDT 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory18.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory18.asc...

[slackware-security] libevent

New libevent packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libevent-2.0.22-i486-1slack14.1.txz: Upgraded. Multiple integer overflows in the evbuffer API allow context-dependent attackers to...

CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app...

CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app...

About the security content of watchOS 2.2

About the security content of watchOS 2.2 This document describes the security content of watchOS 2.2. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...

Debian DSA-3520-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. %NASLMINLEVEL 70300 C...

[SECURITY] [DSA 3520-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3520-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 18, 2016 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3520-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3520.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3520-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...

DSA-3520-1 icedove - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3520-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED11 / SLES11 Security Update : libotr (SUSE-SU-2016:0706-1)

This update for libotr fixes the following issues : - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...

CVE-2016-0827

Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...

CVE-2016-0827

Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...