147 matches found
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
Ubuntu 14.04 LTS / 16.04 LTS : libxcursor vulnerability (USN-3501-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3501-1 advisory. It was discovered that libxcursor incorrectly handled certain files. An attacker could use these issues to cause libxcursor to crash, resulting in a...
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : libXcursor (SSA:2017-333-01)
New libXcursor packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-333-01. T...
Ubuntu: Security Advisory (USN-3501-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201711-41] libxcursor: arbitrary code execution
Arch Linux Security Advisory ASA-201711-41 ========================================== Severity: High Date : 2017-11-30 CVE-ID : CVE-2017-16612 Package : libxcursor Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-531 Summary ======= The package libxcursor...
[ASA-201711-42] lib32-libxcursor: arbitrary code execution
Arch Linux Security Advisory ASA-201711-42 ========================================== Severity: High Date : 2017-11-30 CVE-ID : CVE-2017-16612 Package : lib32-libxcursor Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-532 Summary ======= The package...
USN-3501-1: libxcursor vulnerability
It was discovered that libxcursor incorrectly handled certain files. An attacker could use these issues to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-3501-1 libxcursor vulnerability
It was discovered that libxcursor incorrectly handled certain files. An attacker could use these issues to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code...
[slackware-security] libXcursor
New libXcursor packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libXcursor-1.1.15-i586-1slack14.2.txz: Upgraded. Fix heap overflows when parsing malicious files...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
UBUNTU-CVE-2017-16612
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland through 1.14.0...
libXcursor -- integer overflow that can lead to heap buffer overflow
The freedesktop.org project reports: It is possible to trigger heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments. The integer overflow occurs because the chosen limit 0x10000 for dimensions is too large for 32 bit systems, because each...
X.org X11 libraries security, bug fix and enhancement update
libICE 1.0.9-9 - Add upstream patch to not pull libbsd - Add custom patch for Fedora 24 & 25 1.0.9-8 - Fix changelog 1.0.9-7 - Use libbsd for randoms CVE-2017-2626, rhbz1427715 1.0.9-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora26MassRebuild 1.0.9-5 - Force disable documentation generatio...
Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32)
The version of Oracle Secure Global Desktop installed on the remote host is 4.71, 5.2, or 5.3 and is missing a security patch from the April 2017 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An integer overflow condition exists in the Window System X11...
Amazon Linux: Security Advisory (ALAS-2014-452)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libxcursor package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libXcursor-devel-1.1.14 package of the Red Hat Enterprise Linux operating system can be exploited, resulting in a violation of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...