CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

UBUNTU-CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

Privilege escalation

An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler...

xen-tools -- qemu incautious about shared ring processing

The Xen Project reports: The compiler can emit optimizations in qemu which can lead to double fetch vulnerabilities. Specifically data on the rings shared between qemu and the hypervisor which the guest under control can obtain mappings of can be fetched twice during which time the guest can alte...

(Pwn2Own) Apple Safari ArrayStorage DFG Optimization Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

UBUNTU-CVE-2016-4472

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and...

Generic Android Deobfuscator: Simplify

Simplify uses a virtual machine to execute an app and understand what it does. Then, it applies optimizations to create code that behaves identically but is easier for a human to understand. It is a generic deobfuscator because it doesn’t need any special configuration or code for different types...

Fedora 22 : dovecot-2.2.19-1.fc22 (2015-48003c2343)

dovecot updated to 2.2.19 mdbox: Rebuilding could have caused message's reference count to overflow the 16bit number in some situations, causing problems when trying to expunge the duplicates. Various search fixes fts, solr, tika, lib-charset, indexer Various virtual plugin fixes Various fixes...

paravirtualized drivers incautious about shared memory contents

ISSUE DESCRIPTION The compiler can emit optimizations in the PV backend drivers which can lead to double fetch vulnerabilities. Specifically the shared memory between the frontend and backend can be fetched twice during which time the frontend can alter the contents possibly leading to arbitrary...

Oracle Java SE JRE Unspecified Vulnerability-05 (Oct 2014) - Linux

Oracle Java SE JRE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel security and bug fix update

2.6.32-279.22.1 - virt kvm: invalid opcode oops on SETSREGS with OSXSAVE bit set Petr Matousek 862903 862904 CVE-2012-4461 - fs fuse: optimize fusedirectio Brian Foster 865305 858850 - fs fuse: optimize fusegetuserpages Brian Foster 865305 858850 - fs fuse: use getuserpagesfast Brian Foster 86530...

Fedora 18 : claws-mail-3.9.0-1.fc18 / claws-mail-plugins-3.9.0-2.fc18 (2012-18593)

Added IMAP server side search - Added the file .claws-mail/extraheaderrc which holds editable extra headers to be added to compose window combobox - Added 'Select html part of multipart messages' to the Folder Properties - GnuPG: Consider marginal signature validity as untrusted - The mimeview...

Firefox 16.0.2 available, Cross site scripting attack patched

16.0.2 Firefox is now available for anyone who wants to try before anyone else. Mozilla address one serious vulnerability. According to the information security of Mozilla, they has fixed a number of issues related to the Location object in order to enhance overall security. The Location object i...

Google Releases Chrome 22 and Pays Out Nearly $30K in Rewards

Google has released Chrome 22, a major new version of its browser that includes a huge number of security fixes, many of them high-priority vulnerabilities. The company also handed out nearly $30,000 in rewards to security researchers, more than half of it to Sergey Glazunov, who discovered two...

Mandriva Update for mozilla-thunderbird MDVA-2012:019 (mozilla-thunderbird)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for mozilla-thunderbird MDVA-2012:019 (mozilla-thunderbird)

Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVA-2012:019 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

MDVA-2012:019 : mozilla-thunderbird

This is a maintenance and bugfix release that provides thunderbird 10.0.1 which utilizes better compilation optimizarions. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security,...

Mandriva Update for firefox MDVA-2012:014 (firefox)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for firefox MDVA-2012:014 (firefox)

Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVA-2012:014 firefox Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...