Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)

Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads MS16-097 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=826 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, whi...

Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=826 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, which may embed bitmaps in records such as EMRPLGBLT, EMRBITBLT, EMRSTRETCHBLT, EMRSTRETCHDIBITS etc. I...

FreeBSD : FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) (70140f20-6007-11e6-a6c3-14dae9d210b8)

A specifically crafted Composite Document File CDF file can trigger an out-of-bounds read or an invalid pointer dereference. CVE-2012-1571 A flaw in regular expression in the awk script detector makes use of multiple wildcards with unlimited repetitions. CVE-2013-7345 A malicious input file could...

CVE-2015-0573

drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of service invalid pointer dereference or possibly have unspecified other...

CVE-2015-0573

drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of service invalid pointer dereference or possibly have unspecified other...

nginx: invalid pointer dereference in resolver

It was discovered that nginx could perform an out of bound read and dereference an invalid pointer when resolving CNAME DNS records. An attacker able to manipulate DNS responses received by nginx could use this flaw to cause a worker process to crash if nginx enabled the resolver in its...

OpenAFS Multiple Vulnerabilities - 01 - Windows

OpenAFS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openafs:openafs"; ifdescription...

Memory corruption

The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer dereference and memory corruption via a crafted NPAPI plug...

Invalid pointer dereference in resolver

Invalid pointer dereference in resolver Severity: medium CVE-2016-0742 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...

Samsung Galaxy S6 - libQjpeg je_free Crash

Samsung Galaxy S6 - libQjpeg jefree Crash Source: https://code.google.com/p/google-security-research/issues/detail?id=617 The attached jpg causes an invalid pointer to be freed when media scanning occurs. F/libc 11192: Fatal signal 11 SIGSEGV, code 1, fault addr 0xffffffffffffb0 in tid 14368 HEAV...

Samsung Galaxy S6 - libQjpeg je_free Crash

Exploit for Android platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=617 The attached jpg causes an invalid pointer to be freed when media scanning occurs. F/libc 11192: Fatal signal 11 SIGSEGV, code 1, fault addr 0xffffffffffffb0 in tid...

Debian DLA-404-1 : nginx security update

It was discovered that there was a invalid pointer deference in nginx, a small, powerful, scalable web/proxy server. An invalid pointer dereference might occur during DNS server response processing, allowing an attacker who is able to forge UDP packets from the DNS server to cause worker process...

[SECURITY] [DLA 404-1] nginx security update

Package : nginx Version : 0.7.67-3+squeeze4+deb6u1 CVE ID : CVE-2016-0742 Debian Bug : 812806 It was discovered that there was a invalid pointer deference in nginx, a small, powerful, scalable web/proxy server. An invalid pointer dereference might occur during DNS server response processing,...

DLA-404-1 nginx - security update

Bulletin has no description...

F5 Networks BIG-IP : file vulnerability (SOL16875)

file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference !/usr/bin/python Title: IBM Tivoli Storage Manager FastBack Server 5.5.4.2 Invalid Pointer Dereference Date: 14 December 2015 Author: Gianni Gnesa gnix Vendor Homepage: http://www.ibm.com/ Software Name: IBM Tivoli...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference

!/usr/bin/python Title: IBM Tivoli Storage Manager FastBack Server 5.5.4.2 Invalid Pointer Dereference Date: 14 December 2015 Author: Gianni Gnesa gnix Vendor Homepage: http://www.ibm.com/ Software Name: IBM Tivoli Storage Manager FastBack Software Version: 5.5.4.2 x86 Software Link: - Go to...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference

Exploit for windows platform in category dos / poc !/usr/bin/python Title: IBM Tivoli Storage Manager FastBack Server 5.5.4.2 Invalid Pointer Dereference Date: 14 December 2015 Author: Gianni Gnesa gnix Vendor Homepage: http://www.ibm.com/ Software Name: IBM Tivoli Storage Manager FastBack Softwa...

CVE-2011-1927

The ipexpire function in net/ipv4/ipfragment.c in the Linux kernel before 2.6.39 does not properly construct ICMPTIMEEXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service invalid pointer dereference via crafted fragmented packets...

CVE-2006-0321

fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service crash via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster...