Debian DLA-1262-1 : thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, use after free, integer overflows and other implementation errors may lead to crashes or the execution of arbitrary code. For Debian 7 'Wheezy', these problems have been fixed in versio...

openSUSE Security Update : tre (openSUSE-2018-91)

This update for tre fixes one issue. This security issue was fixed : - CVE-2016-8859: Fixed multiple integer overflows which allowed attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggered an out-of-bounds write boo1005483 %NASLMINLEVEL 70300 C Tenable Netwo...

Debian DSA-4096-1 : firefox-esr - security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, integer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or URL spoofing. C Tenable Network Security, Inc. The...

EulerOS 2.0 SP2 : libXcursor (EulerOS-SA-2018-1004)

According to the version of the libXcursor packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with...

EulerOS 2.0 SP1 : libXcursor (EulerOS-SA-2018-1003)

According to the version of the libXcursor packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with...

Debian DSA-4088-1 : gdk-pixbuf - security update

It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened. C Tenable Network Security, Inc. The descriptive text and package checks in this...

Debian: Security Advisory (DLA-929-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-4088-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-877-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1234-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14)

This update for java-170-openjdk fixes the following issues : Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

Debian: Security Advisory (DLA-1235-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-1235-1 : opencv security update

Opencv 3.3 and earlier has problems while reading data, which might result in either buffer overflows or integer overflows. For Debian 7 'Wheezy', these problems have been fixed in version 2.3.1-11+deb7u3. We recommend that you upgrade your opencv packages. NOTE: Tenable Network Security has...

[SECURITY] [DLA 1234-1] gdk-pixbuf security update

Package : gdk-pixbuf Version : 2.26.1-1+deb7u7 CVE ID : CVE-2017-1000422 It was discovered that there were several integer overflows in gdk-pixbuf, a library to manipulate images for the GTK graphics toolkit. This could have led to memory corruption and potential code execution. For Debian 7...

CVE-2017-17122

The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...

CVE-2017-17122

CVE-2017-17122 affects GNU Binutils 2.29.1 (dump_relocs_in_section in objdump.c). The vulnerability arises from not checking reloc count, enabling an integer overflow that can lead to excessive memory allocation or a heap-based buffer overflow when processing crafted PE files, potentially causing...

CVE-2017-17122

The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...

Integer overflow

libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...

CVE-2017-16612

libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...

CVE-2017-16612

libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...