PT-2016-3138 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: The issue is related to a missing malloc check in the coders/ipl.c component of ImageMagick, which can be exploited by remote attackers to have an unspecific impact. Recommendations: At...

UBUNTU-CVE-2016-10144

coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check...

unsorted bin attack analysis-vulnerability warning-the black bar safety net

One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...

Null pointer dereference

XRegion in TigerVNC allows remote VNC servers to cause a denial of service NULL pointer dereference by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052...

CVE-2014-8241

XRegion in TigerVNC allows remote VNC servers to cause a denial of service NULL pointer dereference by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052...

CVE-2014-8241

XRegion in TigerVNC allows remote VNC servers to cause a denial of service NULL pointer dereference by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052...

DEBIAN-CVE-2014-8241

XRegion in TigerVNC allows remote VNC servers to cause a denial of service NULL pointer dereference by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052...

CVE-2014-8241

XRegion in TigerVNC allows remote VNC servers to cause a denial of service NULL pointer dereference by leveraging failure to check a malloc return value, a similar issue to CVE-2014-6052...

Internet Bug Bounty: malloc negative size parameter

https://bugs.php.net/bug.php?id=73445 Thank you for your consideration...

The vulnerabilities of the library that handles system calls and the core functions of glibc allow a perpetrator to cause a service failure.

The multiple vulnerabilities in the malloc/malloc.c file of the library that provides system calls and core functions of glibc are caused by integer overflows. Exploiting these vulnerabilities can allow an attacker to trigger a service failure damage to dynamic memory by specifying an excessively...

FreeBSD : libvncserver -- multiple security vulnerabilities (cb3f036d-8c7f-11e6-924a-60a44ce6887b)

Nicolas Ruff reports : Integer overflow in MallocFrameBuffer on client side. Lack of malloc return value checking on client side. Server crash on a very large ClientCutText message. Server crash when scaling factor is set to zero. Multiple stack overflows in File Transfer feature. %NASLMINLEVEL...

ALPINE-CVE-2016-6662

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and...

MySQL 'malloc_lib' Variable Rewrite Command Execution Vulnerability

Oracle MySQL is an open source relational database management system from Oracle. A rewrite command execution vulnerability exists in the MySQL 'malloclib' variable. Both remote and local attackers can exploit the vulnerability to execute code with ROOT privileges and take full control of the MyS...

CVE-2 0 1 6-6 6 6 2-MySQL ‘malloc_lib’variable rewrite command to perform the analysis-vulnerability warning-the black bar safety net

Today there is one about the MySQL vulnerability is revealed, numbered CVE-2 0 1 6-6 6 6 2 in. The vulnerability is mainly related to the mysqldsafe script in acceleration/handling memory when using “malloclib”variable as identify the marker selective loadingpreload, such as tcmalloc or the like ...

Remote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662

LegalHackers' reports: RCE Bugs discovered in MySQL and its variants like MariaDB. It works by manipulating my.cnf files and using --malloc-lib. The bug seems fixed in MySQL 5.7.15 by Oracle...

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1733-1)

This update for glibc provides the following fixes : - Increase DTVSURPLUS limit. bsc968787 - Do not copy dname field of struct dirent. CVE-2016-1234, bsc969727 - Fix memory leak in nssdnsgethostbyname4r. bsc973010 - Fix stack overflow in nssdnsgetnetbynamer. CVE-2016-3075, bsc973164 - Fix malloc...

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1721-1)

This update for glibc provides the following fixes : - Increase DTVSURPLUS limit. bsc968787 - Do not copy dname field of struct dirent. CVE-2016-1234, bsc969727 - Fix memory leak in nssdnsgethostbyname4r. bsc973010 - Fix stack overflow in nssdnsgetnetbynamer. CVE-2016-3075, bsc973164 - Fix malloc...

openSUSE Security Update : glibc (openSUSE-2016-852)

This update for glibc provides the following fixes : - Increase DTVSURPLUS limit. bsc968787 - Do not copy dname field of struct dirent. CVE-2016-1234, bsc969727 - Fix memory leak in nssdnsgethostbyname4r. bsc973010 - Fix stack overflow in nssdnsgetnetbynamer. CVE-2016-3075, bsc973164 - Fix malloc...

SUSE-SU-2016:1721-1 Security update for glibc

This update for glibc provides the following fixes: - Increase DTVSURPLUS limit. bsc968787 - Do not copy dname field of struct dirent. CVE-2016-1234, bsc969727 - Fix memory leak in nssdnsgethostbyname4r. bsc973010 - Fix stack overflow in nssdnsgetnetbynamer. CVE-2016-3075, bsc973164 - Fix malloc...

CVE-2016-2177

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3srvr....