VLC Media Player < 2.2.2 Multiple Vulnerabilities

Binary data 9267.prm...

CVE-2016-0849

Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...

CVE-2016-0849

Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...

Multiple vulnerabilities in OpenSSL affect AIX

IBM SECURITY ADVISORY First Issued: Mon Apr 4 11:04:25 CDT 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory18.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory18.asc...

[slackware-security] libevent

New libevent packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libevent-2.0.22-i486-1slack14.1.txz: Upgraded. Multiple integer overflows in the evbuffer API allow context-dependent attackers to...

CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app...

CVE-2016-1753

Multiple integer overflows in the kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allow attackers to execute arbitrary code in a privileged context via a crafted app...

Debian DSA-3520-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. %NASLMINLEVEL 70300 C...

About the security content of watchOS 2.2

About the security content of watchOS 2.2 This document describes the security content of watchOS 2.2. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...

[SECURITY] [DSA 3520-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3520-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 18, 2016 https://www.debian.org/security/faq -...

DSA-3520-1 icedove - security update

Bulletin has no description...

Debian Security Advisory DSA 3520-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3520.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3520-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...

Debian: Security Advisory (DSA-3520-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED11 / SLES11 Security Update : libotr (SUSE-SU-2016:0706-1)

This update for libotr fixes the following issues : - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...

CVE-2016-0827

Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...

CVE-2016-0827

Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...

UBUNTU-CVE-2016-0827

Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and...

Debian: Security Advisory (DSA-3491-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-0797

Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service heap memory corruption or NULL pointer dereference or possibly have unspecified other impact via a long digit string that is mishandled by the 1 BNdec2bn or 2...

CVE-2016-0797

CVE-2016-0797 concerns OpenSSL’s BN_hex2bn/BN_dec2bn handling of long digit strings. The issue enables remote denial of service via heap memory corruption or NULL pointer dereference in OpenSSL 1.0.1 (before 1.0.1s) and 1.0.2 (before 1.0.2g). Root cause is improper length calculation of big numbe...