1012 matches found
CVE-2018-5711
gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...
CVE-2018-5711
gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...
CVE-2018-5711
The vulnerability CVE-2018-5711 affects the GD Graphics Library (libgd2) as used by PHP. Affected GIF parsing code in gd_gif_in.c suffers an integer signedness error that can cause an infinite loop when processing crafted GIF data via imagecreatefromgif or imagecreatefromstring, potentially leadi...
CVE-2018-5711
gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...
MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service Vulnerability
Exploit for multiple platform in category dos / poc VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Thomas...
CVE-2018-5251
In libming 0.4.8, there is an integer signedness error vulnerability left shift of a negative value in the readSBits function util/read.c. Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file...
CVE-2018-5251
CVE-2018-5251 affects Ming/libming, specifically libming 0.4.8. The issue is an integer signedness error in readSBits (util/read.c) that can be triggered by a crafted SWF file to cause a denial of service. Multiple connected advisories confirm the same vulnerability and its presence across distri...
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2017:3388-1)
This update for ImageMagick fixes the following issues : - CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service bsc1061254 - CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service bsc1060176 -...
openSUSE Security Update : GraphicsMagick (openSUSE-2017-1362)
This update for GraphicsMagick fixes the following issues : - CVE-2017-12140: ReadDCMImage in coders\dcm.c has a ninteger signedness error leading to excessive memory consumption bnc1051847 - CVE-2017-14994: NULL pointer in ReadDCMImage in coders/dcm.c could lead to denial of service bnc1061587 -...
Denial Of Service (DoS)
FFMPEG is vulnerable to denial of service DoS attacks. A malicious user can launch an attack by sending a malicious MPEG file to the gmcmmx function in libavcodec/x86/mpegvideodsp.c. Since it fails to validate the width and height of the input, it leads to integer signedness error and an...
Integer overflow
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-17081
CVE-2017-17081 affects FFmpeg’s x86 MPEG video DSP (libavcodec/x86/mpegvideodsp.c) where the gmc_mmx path does not properly validate widths and heights, enabling a crafted MPEG file to trigger a denial of service via an integer signedness error and out-of-bounds read. The vulnerability is present...
CVE-2017-17081
The gmcmmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service integer signedness error and out-of-array read via a crafted MPEG file...
CVE-2017-15602
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...
CVE-2017-15602
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...
Integer overflow
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...
CVE-2017-15602
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...