3104 matches found
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
UBUNTU-CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
USN-3276-3: shadow vulnerability
USN-3276-1 and USN-3276-2 fixed vulnerabilities in shadow. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain...
CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
[slackware-security] xorg-server
New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/xorg-server-1.18.3-i586-5slack14.2.txz: Rebuilt. This update fixes integer overflows and other possible security...
[slackware-security] libXres
New libXres packages are available for Slackware 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libXres-1.2.0-i586-1slack14.2.txz: Upgraded. Integer overflows may allow X servers to trigger allocation of insufficient memo...
[slackware-security] gegl
New gegl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gegl-0.2.0-i586-4slack14.2.txz: Rebuilt. Patched integer overflows in operations/external/ppm-load.c that could allow a...
USN-3396-1: OpenJDK 7 vulnerabilities
It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. CVE-2017-10053 It was discovered that the JAR verifier ...
Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-3396-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3396-1 advisory. It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a...
spice security update
0.12.8-2.1 - Redo build properly versioned as a zstream build Related: CVE-2017-7506 0.12.8-3 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506...
CVE-2014-0143
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service crash via a crafted catalog size in 1 the parallelsopen function in block/parallels.c or 2 bochsopen function in bochs.c, a large L1 table in the 3 qcow2snapshotloadtmp i...
CVE-2014-0143
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service crash via a crafted catalog size in 1 the parallelsopen function in block/parallels.c or 2 bochsopen function in bochs.c, a large L1 table in the 3 qcow2snapshotloadtmp i...
CVE-2014-0143
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service crash via a crafted catalog size in 1 the parallelsopen function in block/parallels.c or 2 bochsopen function in bochs.c, a large L1 table in the 3 qcow2snapshotloadtmp i...
CVE-2014-0143
CVE-2014-0143 involves multiple integer overflows in QEMU block drivers (including parallels_open, bochs_open, qcow2_snapshot_load_tmp, qcow2_grow_l1_table, bdrv_check_byte_request, get_refcount, cloop_open) that can trigger buffer overflows, memory corruption and out-of-bounds reads/writes. A lo...
CVE-2014-0143
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service crash via a crafted catalog size in 1 the parallelsopen function in block/parallels.c or 2 bochsopen function in bochs.c, a large L1 table in the 3 qcow2snapshotloadtmp i...
OpenJDK: integer overflows in range check loop predicates (Hotspot, 8173770)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Hotspot. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
USN-3212-4: LibTIFF vulnerabilities
USN-3212-1 fixed several issues in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. Mei Wang discovered a multiple integer overflows in LibTIFF which allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted TIFF image,...
tcpdump: multiple overflow issues in protocol decoding
Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode without -w which...