741 matches found
DLA-569-1 xmlrpc-epi - security update
Bulletin has no description...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
Design/Logic Flaw
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2016-6296
CVE-2016-6296 affects xmlrpc-epi (used with PHP) through version 0.54.2. It is an integer signedness error in simplestring_addn that can cause a heap-based buffer overflow and remote DoS, with possible other impact via a long first argument to xmlrpc_encode_request. Remediation: upgrade xmlrpc-ep...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
CVE-2014-9862 targets the bspatch component of bsdiff. The issue is an integer signedness error in bspatch that can cause a heap-based buffer overflow when processing a crafted patch, enabling a remote attacker to execute arbitrary code or cause a denial of service. Affected products include Appl...
openSUSE Security Update : php5 (openSUSE-2016-703)
This update for php5 fixes the following issues : - CVE-2013-7456: imagescale out-of-bounds read bnc982009. - CVE-2016-5093: geticuvalueinternal out-of-bounds read bnc982010. - CVE-2016-5094: Don't create strings with lengths outside int range bnc982011. - CVE-2016-5095: Don't create strings with...
CVE-2016-2061
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service array overflow and memory corruption via a crafted...
CVE-2016-2066
CVE-2016-2066 affects the MSM QDSP6 audio driver in the Linux kernel 3.x as used in Qualcomm QuIC Android contributions for MSM devices and related products. The issue is an integer signedness error in the msm-audio-effects-q6-v2.c path that handles ioctl commands, leading to memory corruption. P...
CVE-2016-2066
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service memory corruption via a crafted application that...
CVE-2016-2061
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service array overflow and memory corruption via a crafted...
CVE-2016-1887
Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen argument, which triggers a...
CVE-2016-1886
Integer signedness error in the genkbdcommonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service memory overwrite and kernel crash, or ga...
CVE-2016-1886
Integer signedness error in the genkbdcommonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service memory overwrite and kernel crash, or ga...