CVE-2016-7800

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service application crash via a crafted 8BIM chunk, which triggers a heap-based buffer overflow...

GraphicsMagick Multiple Vulnerabilities (Feb 2017) - Windows

GraphicsMagick is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggere...

PT-2017-9753 · Libbpg +1 · Libbpg +1

Name of the Vulnerable Software and Affected Versions: Libbpg library affected versions not specified Description: A heap write out of bounds vulnerability exists in the decoding of BPG images in the Libbpg library. Decoding a crafted BPG image can cause an integer underflow vulnerability, leadin...

CVE-2016-1925

CVE-2016-1925 : A vulnerability in LHarc’s LHa tool arises from an integer underflow in header.c when parsing level0/level1 headers in a crafted LHarc archive with a large header size, triggering a buffer overflow. Connected advisories confirm this affects LHa and describe potential remote impact...

Libbpg BGP image decoding Code Execution Vulnerability

Summary An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be...

UBUNTU-CVE-2016-10166

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

Ubuntu: Security Advisory (USN-3159-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3160-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3160-1 advisory. CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A loc...

USN-3160-1: Linux kernel vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 It was discovered that a race condition existed in the procf...

USN-3159-2: Linux kernel (OMAP4) vulnerability

It was discovered that a race condition existed in the procfs environread function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information kernel memory...

USN-3159-1: Linux kernel vulnerability

It was discovered that a race condition existed in the procfs environread function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information kernel memory...

Memcached process_bin_sasl_auth Integer Underflow (CVE-2016-8706)

An integer underflow vulnerability exists in the Memcached binary protocol. This vulnerability is due to a lack of bounds checking in the processbinsaslauth function. A remote unauthenticated attacker can exploit these vulnerabilities by sending a specially crafted packet to memcached that can le...

Microsoft Edge - 'CText­Extractor::Get­Block­Text' Out-of-Bounds Read (MS16-104)

::first-letter border: 0; white-space: pre-line; Aalert;&x­D;&x­D;B Description Though I did not investigate thoroughly, I did find out the following: The root cause appears to be an integer underflow in a 32-bit variable used in CText­Extractor..Get­Block­Text as an index to read a WCHAR in a...

Microsoft Edge - CText­Extractor::Get­Block­Text Out-of-Bounds Read (MS16-104)

Microsoft Edge - CText­Extractor::Get­Block­Text Out-of-Bounds Read MS16-104 ::first-letter border: 0; white-space: pre-line; Aalert;&x­D;&x­D;B Description Though I did not investigate thoroughly, I did find out the following: The root cause appears to be an integer underflow in a 32-bit variabl...

Microsoft Edge CTextExtractor::GetBlockText Out-Of-Bounds Read

Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the fourteenth entry in that series. Unfortunately I won't be able to publish everything within one month at the current rate, so I may continue to publish these throu...