PT-2017-17427 · Apng2Gif +1
Name of the Vulnerable Software and Affected Versions: apng2gif version 1.7 Description: An issue was discovered related to an integer overflow, resulting in a heap-based buffer over-read. This issue is connected to the load apng function and the imagesize variable. Recommendations: For apng2gif...
SUSE SLED12 Security Update : gegl (SUSE-SU-2017:0696-1)
This update for gegl fixes the following issues: Security issue fixed: - Fix CVE-2012-4433: Fix buffer overflow in and add plausibility checks to ppm-load op (bsc789835). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
gdk-pixbuf integer overflow vulnerability (CNVD-2017-03888)
gdk-pixbuf is a toolkit for image loading and pixel buffer processing. An integer overflow vulnerability in the 'loadresources' function of the gdk-pixbuf io-icns.c file allows remote attackers to build malicious files that can be exploited to trick an application into parsing, which can crash th...
DEBIAN-CVE-2017-6819
In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This...
DEBIAN-CVE-2017-6313
Integer underflow in the loadresources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file...
UBUNTU-CVE-2017-5045
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page...
UBUNTU-CVE-2017-6313
Integer underflow in the loadresources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file...
File upload fails if the file size is Greater than 65k when ssl policy is bound to the ADC LBVIP
1. Can upload files of size only up to 64K 2. Cannot upload files larger than 64K (upload stalls) 3. SSL Policy with Action is bound to LB Vserver...
RedHat Update for kernel RHSA-2017:0323-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
How to configure Pass-Through authentication for Storefront with Internet Explorer
This article describes how to configure Single Sign-on authentication to XenApp/XenDesktop using Internet Explorer. After configuring Single Sign-on, users will be able to connect to their Storefront published applications and launch XenApp/XenDesktop sessions without having to enter their...
SUSE-SU-2017:0554-1 Security update for util-linux
This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc1023041). These non-security issues were fixed: - lscpu: Implement WSL...
DEBIAN-CVE-2016-5037
The dwarfloadsection function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file...
The vulnerability of the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the loadsegmentdescriptor component in the Linux operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a local attacker to cause a service failure abnormal termination of operations through a specially created application...
Citrix Store Front MMC console crashes with RSA Authentication Agent 1.0 installed.
Even after uninstalling the RSA Authentication Agent 1.0 we get following error in event viewer logs: Error while creating the Citrix StoreFront Snap-in. Microsoft.Practices.Unity.ResolutionFailedException: Resolution of the dependency failed, type =...
Apple Safari WebKit Security Bypass Vulnerability (CNVD-2017-01669)
Apple Safari is an American web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability in Apple Safari WebKit Handling Page Load allows remote attackers to exploit the vulnerability to build malicious WEB pages that can ...
tls-ticketbleed NSE Script
Detects whether a server is vulnerable to the F5 Ticketbleed bug (CVE-2016-9244). For additional information: Script Arguments: tls-ticketbleed.protocols (default tries all: TLSv1.0, TLSv1.1, or TLSv1.2); tls.servername: see the documentation for the tls library; smbdomain, smbhash, smbnoguest,...
Finding Ticketbleed
Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed. If you suspect you might be...
CVE-2017-2583
The loadsegmentdescriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application...
SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2017:0348-1)
This update for gnutls fixes the following security issues: - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates (GNUTLS-SA-2017-2, bsc1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336) - GnuTLS could have falsely accepted certificates when using OCSP...
HP Helion Eucalyptus Remote Privilege Escalation Vulnerability
HP Helion Eucalyptus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eucalyptus:eucalyptus"...