Oracle OIT ContentAccess libvs_word+63AC Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0158 Oracle OIT ContentAccess libvsword+63AC Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3592 Description Partially controlled memory write vulnerability exists in Mac Word file format parsing code of Oracle Outside In Technology Content...

DEBIAN-CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

Design/Logic Flaw

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

Integer overflow

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation...

CVE-2016-4024

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation...

UBUNTU-CVE-2016-4024

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation...

Linux kernel restricted use write vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drivers/infiniband stack using the insecure 'write' function to replace the 'bi-directional ioctl '...

Amazon Linux: Security Advisory (ALAS-2016-698)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: php56, php55

Issue Overview: The following security-related issues were resolved: Buffer over-write in finfoopen with malformed magic file CVE-2015-8865 Signedness vulnerability causing heap overflow in libgd CVE-2016-3074 Integer overflow in phprawurlencode CVE-2016-4070 Format string vulnerability in...

imlib2: multiple issues

CVE-2011-5326 denial of service Kevin Ryde discovered that attempting to draw a 2x1 radi ellipse results in a floating point exception. - CVE-2016-3993 information leakage Yuriy M. Kaminskiy discovered that drawing using coordinates from an untrusted source could lead to an out-of-bound memory...

DEBIAN-CVE-2016-2191

The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image...

Session fixation

The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image...

UBUNTU-CVE-2016-2191

The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image...

CVE-2016-2191

The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image...

PHP 5.5.x < 5.5.34 / 5.6.x < 5.6.20 / 7.0.x < 7.0.5 Multiple Vulnerabilities

Binary data 9171.prm...

Android mention the right Vulnerability, CVE-2 0 1 4-7 9 2 0, CVE-2 0 1 4-7 9 2 1 Analysis-vulnerability warning-the black bar safety net

This is the Android mediaserver mention the right vulnerability, use CVE-2 0 1 4-7 9 2 0 and CVE-2 0 1 4-7 9 2 1 to achieve extraction of the right, from 0 permissions mentioned media rights, wherein the CVE-2 0 1 4-7 9 2 1 effects Android 4.0.3 and later versions, the CVE-2 0 1 4-7 9 2 0 affect...

PHP 5.6.x < 5.6.20 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

PHP 7.0.x < 7.0.5 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...

PHP 5.5.x < 5.5.34 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.34. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...