APPLE OS X AND IOS X509 CERTIFICATE PARSING NAME CONSTRAINTS REMOTE CODE EXECUTION VULNERABILITY

When a client establishes a secure connection to a server, the server presents an x509 certificate which the client must validate.On Apple macOS, most client applications will use macOS’s certificate validation agent, at which point the malicious certificate will be parsed by the vulnerable code...

Debian DLA-868-1 : imagemagick security update

Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation. These issues include denial of service and memory buffer over-read. For Debian 7 'Wheezy', these problems have been fixed in version 8:6.7.7.10-5+deb7u12. We recommend that you...

[SECURITY] [DLA 868-1] imagemagick security update

Package : imagemagick Version : 8:6.7.7.10-5+deb7u12 CVE ID : CVE-2016-10062 CVE-2017-6498 CVE-2017-6500 Debian Bug : 849439 856878 856879 Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation. These issues include denial of service and...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the FFmpeg component in Google Chrome browsers arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause service interruptions through the use of a specially created video file...

The vulnerabilities in operating systems such as Mac OS X and iOS allow attackers to trigger service failures or execute arbitrary code.

The vulnerability of the CoreGraphics component in Mac OS X and iOS operating systems arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption,...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption during the execution of “junk” files...

CVE-2016-5796

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a...

Out-of-bounds

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a...

CVE-2016-5796

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a...

CVE-2016-5796

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the processing of Adobe Texture Format files...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability in the PDF viewer software such as Adobe Reader, Document Cloud, and Adobe Acrobat lies in the execution of arbitrary code by a remote attacker after an operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code throu...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability in the XSLT programs for PDF viewing applications such as Adobe Reader and Document Cloud, as well as in PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, arises from an operation that goes beyond the buffer limits in memory. Exploiting this vulnerability...

The vulnerability of the Microsoft Office software package allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the Microsoft Office suite arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, or to trigger a service failure memory corruption using a specially crafted documen...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the NetConnection class in the Flash Player software platform arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by manipulating proxy types...

UBUNTU-CVE-2016-2339

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "argtypes" allocation is made based on args array length. Specially constructed object passed as element of args array can...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page...

The vulnerability of the Flash Player software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the Flash Player software arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption remotely...

The vulnerabilities of browsers Internet Explorer and Microsoft Edge allow attackers to trigger service failures or execute arbitrary code.

The vulnerabilities of Internet Explorer and Microsoft Edge are caused by operations that go beyond the buffer boundaries in memory. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code or cause a service failure memory corruption through a specially crafted web pag...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Worker class in the Flash Player software platform arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure due to memory corruption...