94 matches found
Debian DSA-3889-1 : libffi - security update (Stack Clash)
libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for...
CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
Code injection
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
DEBIAN-CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
[SECURITY] [DSA 3889-1] libffi security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3889-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez June 19, 2017 https://www.debian.org/security/faq -...
CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
CVE-2017-1000376
CVE-2017-1000376 affects libffi. The vulnerability enables an executable stack that can be exploited to trigger arbitrary code execution on 32-bit x86 systems prior to libffi 3.1; upstream is believed to have fixed the issue in version 3.1. Other references indicate that libffi 3.1.x mitigates th...
CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
Debian Security Advisory DSA 3889-1 (libffi - security update)
libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for...
PT-2017-3250 · Gnu +1 · Libffi +1
Name of the Vulnerable Software and Affected Versions: libffi versions prior to 3.1 Description: The issue is caused by libffi requesting an executable stack, allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. This is due to a buffer overflow operation in...
CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
UBUNTU-CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...
DSA-3889-1 libffi - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3889-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2017:0379-1 Security update for gcc48
This update for gcc48 to version 4.8.5 fixes several issues. This security issue was fixed: - CVE-2015-5276: The std::randomdevice class in libstdc++ did not properly handle short reads from blocking sources, which made it easier for context-dependent attackers to predict the random values via...
libffi CVE-2017-1000376 Arbitrary Code Execution Vulnerability
Description libffi is prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Technologies Affected Libffi Project libffi Oracle PeopleSoft PeopleTools 8.56 Oracle PeopleSoft...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information
The multiple vulnerabilities in the libffi3 package of the Debian GNU/Linux operating system may lead to a violation of the integrity of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information
The libffi3-dev package for the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to damage to the integrity of protected information. These vulnerabilities can be exploited remotely...
openSUSE Security Update : gcc5 (openSUSE-2016-472)
The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The following non-security issues...