CVE-2017-14169

CVE-2017-14169 affects FFmpeg/libavformat: specifically the mxf_read_primer_pack function in libavformat/mxfdec.c. The description documents an integer signedness error when a crafted MXF file provides a large item_num (e.g., 0xffffffff), causing item_num to become negative and bypassing the chec...

CVE-2017-14169

In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...

Juniper Issues Security Alert Tied to Routers and Switches

Juniper Networks warned customers Thursday of a high-risk vulnerability in the GD graphics library that could allow a remote attacker to take control of systems running certain versions of the Junos OS. The alert was in conjunction with a warning from the U.S. Computer Emergency Readiness Team...

Juniper Networks Junos OS libgd Heap Overflow Vulnerability

Junos OS is prone to a heap overflow vulnerability in libgd which allows remote attackers to cause a denial of service or potentially execute arbitrary code. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVE-2017-12140

The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file...

CVE-2017-12140

The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file...

CVE-2017-12140

CVE-2017-12140 affects ImageMagick 7.0.6-1 where ReadDCMImage (coders/dcm.c) has an integer signedness error that can cause excessive memory consumption when processing a crafted DCM file. This root cause is explicitly tied to the ReadDCMImage function and may lead to memory exhaustion on vulnera...

CVE-2017-12140

The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file...

Juniper Junos libgd Compressed GD2 Data RCE (JSA10798)

According to its self-reported version number, the remote Juniper Junos device is affected by an integer signedness error in the included GD Graphics Library libgd when handling compressed GD2 data due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit...

EulerOS 2.0 SP2 : gd (EulerOS-SA-2017-1128)

According to the version of the gd package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and...

Debian DLA-949-1 : miniupnpc security update

It was discovered that there was a integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack. For Debian 7 'Wheezy', this issue has been fixed in miniupnpc version 1.5-2+deb7u2. We recommend that you upgrade your miniupnpc packages...

FreeBSD : miniupnpc -- integer signedness error (da1d5d2e-3eca-11e7-8861-0018fe623f2b)

Tintinweb reports : An integer signedness error was found in miniupnp's miniwget allowing an unauthenticated remote entity typically located on the local network segment to trigger a heap corruption or an access violation in miniupnp's http response parser when processing a specially crafted...

[SECURITY] [DLA 949-1] miniupnpc security update

Package : miniupnpc Version : 1.5-2+deb7u2 CVE ID : CVE-2017-8798 Debian Bug : 862273 It was discovered that there was a integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack. For Debian 7 "Wheezy", this issue has been fixed in...

miniupnpc 2.0.20170421 Denial Of Service Exploit

miniupnpc suffers from an integer signedness error when parsing a chunked encoded http response. Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnp miniupnpc getHTTPResponse chunked encoding integer signedness error Overview...

miniupnpc 2.0.20170421 Denial Of Service

Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnp miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Thomas Bernard References: http://miniupnp.free.fr/ 1 Version:...

DEBIAN-CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact...