1716 matches found
CVE-2015-1860 analysis: Qt module for processing GIFs causes a crash - bug warning - the black bar safety net
Vulnerability background: Qt is a cross-platform graphical interface programming framework. In versions before 4.8.7, and 5.x versions before 5.4.2, improper handling of the out-of-bounds check while parsing an image causes the memcpy in that process to go out of...
CVE-2017-5332
A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in failure to allocate memory or an over-large memcpy operation, leading to a crash...
openSUSE Security Update : tiff (openSUSE-2017-53)
The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools (bnc#914890) - CVE-2016-9297: tif_dirread.c read outside buffer in TIFFPrintField (bnc#1010161) - CVE-2016-3658: Illegal read i...
Internet Bug Bounty: Invalid parameter in memcpy function through openssl_pbkdf2
Upstream: https://bugs.php.net/bug.php?id=72776 Summary: When keylength parameter is greater than 0x7fffffff, size parameter is interpreted as negative in memcpy, inside PKCS5_PBKDF2_HMAC function libcrypto.so. This issue happens only in PHP 5.6 branch. PHP 7.0 avoids this issue through...
Updated libtiff packages fix security vulnerability
The updated packages fix: - A regression introduced by the fix for CVE-2016-9297 (CVE-2016-9448). - An out-of-bounds Write memcpy and less bound check in tiff2pdf (CVE-2016-9453)...
CVE-2016-8807
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value passed from a user to the driver is used without...
Stack overflow
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value passed from a user to the driver is used without...
NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9
NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=947 The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow: bool...
NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=947 The escape handler for 0x10000e9 lacks bounds checks, and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow: bool escape10000e9NvMiniportDeviceContext a1, Escape10000e9 escape ... LOBYTEa9...
GLSA-201610-03 : Quagga: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201610-03 (Quagga: Arbitrary code execution). A memcpy function in the VPNv4 NLRI parser of bgp_mplsvpn.c does not properly check the upper-bound length of received Labeled-VPN SAFI routes data, which may allow for arbitrary code...
Quagga: Arbitrary code execution
Background: Quagga is a free routing daemon replacing Zebra supporting RIP, OSPF and BGP. Description: A memcpy function in the VPNv4 NLRI parser of bgp_mplsvpn.c does not properly check the upper-bound length of received Labeled-VPN SAFI routes data, which may allow for arbitrary code execution on...
CVE-2015-8918
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via crafted cab files, related to "overlapping memcpy."...
SUSE SLES11 Security Update : bsdtar (SUSE-SU-2016:1939-1)
bsdtar was updated to fix seven security issues. These security issues were fixed: - CVE-2015-8929: Memory leak in tar parser (bsc#985669). - CVE-2016-4809: Memory allocate error with symbolic links in cpio archives (bsc#984990). - CVE-2015-8920: Stack out of bounds read in ar parser (bsc#985675). -...
openSUSE Security Update : libarchive (openSUSE-2016-969)
libarchive was updated to fix 20 security issues. These security issues were fixed: - CVE-2015-8918: Overlapping memcpy in CAB parser (bsc#985698). - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser (bsc#985697). - CVE-2015-8920: Stack out of bounds read in ar parser (bsc#985675). - CVE-2015-8921...
The vulnerability of the Internet Explorer browser, which allows a malicious individual to execute arbitrary code or trigger a service failure.
The Internet Explorer browser contains a vulnerability related to the call to the memcpy function. Exploiting this vulnerability allows malicious actors, operating remotely, to trigger a memory overflow through a specially created website and execute arbitrary code or cause a system failure...
PT-2016-4060 · Libarchive +2
Name of the Vulnerable Software and Affected Versions: libarchive versions prior to 3.2.0 Description: The issue allows remote attackers to cause a denial of service crash via crafted cab files. This is related to "overlapping memcpy" in the archive_string_append function in archive_string.c...
Internet Bug Bounty: Heap Overflow Due To Integer Overflow
Bug reported: https://bugs.php.net/bug.php?id=72455 PHP_FUNCTION(mdecrypt_generic) <snip> int block_size, data_size; // signed int /* Check blocksize */ if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */ block_size = mcrypt_enc_get_block_size(pm->td); data_size = (((int)data_len - 1) / block_size + 1) * block_size;...
Wireshark - AirPDcapDecryptWPABroadcastKey Heap Based Out-of-Bounds Read
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=740 The following crash due to a heap-based out-of-bounds read can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark...