1012 matches found
DLA-569-1 xmlrpc-epi - security update
Bulletin has no description...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
Design/Logic Flaw
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2016-6296
CVE-2016-6296 affects xmlrpc-epi (used with PHP) through version 0.54.2. It is an integer signedness error in simplestring_addn that can cause a heap-based buffer overflow and remote DoS, with possible other impact via a long first argument to xmlrpc_encode_request. Remediation: upgrade xmlrpc-ep...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2016-6296
Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a crafted patch file...
CVE-2014-9862
CVE-2014-9862 targets the bspatch component of bsdiff. The issue is an integer signedness error in bspatch that can cause a heap-based buffer overflow when processing a crafted patch, enabling a remote attacker to execute arbitrary code or cause a denial of service. Affected products include Appl...
ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...
Debian DLA-545-1 : icu security update
Several security issues have been identified and corrected in ICU, the International Components for Unicode C and C++ library, in Debian Wheezy. CVE-2015-2632 Buffer overflow vulnerability. CVE-2015-4844 Buffer overflow vulnerability. CVE-2016-0494 Integer signedness/overflow vulnerability. For...
[SECURITY] [DLA 545-1] icu security update
Package : icu Version : 4.8.1.1-12+deb7u4 CVE ID : CVE-2015-2632 CVE-2015-4844 CVE-2016-0494 Several security issues have been identified and corrected in ICU, the International Components for Unicode C and C++ library, in Debian Wheezy. CVE-2015-2632 Buffer overflow vulnerability. CVE-2015-4844...
openSUSE Security Update : php5 (openSUSE-2016-703)
This update for php5 fixes the following issues : - CVE-2013-7456: imagescale out-of-bounds read bnc982009. - CVE-2016-5093: geticuvalueinternal out-of-bounds read bnc982010. - CVE-2016-5094: Don't create strings with lengths outside int range bnc982011. - CVE-2016-5095: Don't create strings with...
CVE-2016-2061
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service array overflow and memory corruption via a crafted...
CVE-2016-2066
CVE-2016-2066 affects the MSM QDSP6 audio driver in the Linux kernel 3.x as used in Qualcomm QuIC Android contributions for MSM devices and related products. The issue is an integer signedness error in the msm-audio-effects-q6-v2.c path that handles ioctl commands, leading to memory corruption. P...
CVE-2016-2066
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service memory corruption via a crafted application that...
CVE-2016-2061
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service array overflow and memory corruption via a crafted...