
475 matches found

Cvelist
added 2016/06/20 12:0 a.m., 18 views

CVE-2016-2177

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3srvr....

8.4 AI score, 0.24015 EPSS
Exploits: 1, References: 64

UbuntuCve
added 2016/06/19 12:0 a.m., 35 views

CVE-2016-2177

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3srvr....

9.8 CVSS, 7.2 AI score, 0.24015 EPSS
Exploits: 1, References: 5

CNVD
added 2016/06/13 12:0 a.m., 1 view

OpenSSL Denial of Service Vulnerability

OpenSSL is an open-source general-purpose cryptographic library, developed by the OpenSSL team, that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols and supports a wide range of cryptographic algorithms including symmetric ciphers, hash...

9.8 CVSS, 8.6 AI score, 0.24015 EPSS
Exploits: 1, References: 1

Hacker One
added 2016/06/01 1:53 p.m., 42 views

Internet Bug Bounty: CVE-2016-2177 Undefined pointer arithmetic in SSL code

1.0.2 version here: https://github.com/openssl/openssl/commit/a004e72b95835136d3f1ea90517f706c24c03da7 1.0.1 version here: https://github.com/openssl/openssl/commit/6f35f6deb5ca7daebe289f86477e061ce3ee5f46 These will get listed in the next security advisory and rolled up in the next release...

7.5 CVSS, 8.8 AI score, 0.24015 EPSS
Exploits: 1

OpenSSL
added 2016/06/01 12:0 a.m., 55 views

Vulnerability in OpenSSL - Pointer arithmetic undefined behaviour

Avoid some undefined pointer arithmetic A common idiom in the codebase is to check limits in the following manner: “p + len limit” Where “p” points to some malloc’d data of SIZE bytes and limit == p + SIZE “len” here could be from some externally supplied data e.g. from a TLS message. The rules o...

7.6 AI score, 0.24015 EPSS
Exploits: 1, Affected Software: 1

Exploit DB
added 2016/03/23 12:0 a.m., 18 views

Comodo - PackMan Unpacker Insufficient Parameter Validation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=764 Packman is an obscure opensource executable packer that Comodo Antivirus attempts to unpack during scanning. The code is available online here: http://packmanpacker.sourceforge.net/ If the compression method is set to algorithm...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2015/12/09 12:0 a.m., 21 views

SUSE SLED11 / SLES11 Security Update : libmspack (SUSE-SU-2015:2215-1)

libmspack was updated to fix several security vulnerabilities. - Fix NULL pointer dereference on a crafted CAB. bsc934524, CVE-2014-9732 - Fix denial of service while processing crafted CHM file. bsc934525, CVE-2015-4467 - Fix denial of service while processing crafted CHM file. bsc934529,...

6.8 CVSS, 8 AI score, 0.00584 EPSS
Exploits: 6, References: 19

OSV
added 2015/12/07 2:8 p.m., 6 views

SUSE-SU-2015:2215-1 Security update for libmspack

libmspack was updated to fix several security vulnerabilities. - Fix null pointer dereference on a crafted CAB. bsc934524, CVE-2014-9732 - Fix denial of service while processing crafted CHM file. bsc934525, CVE-2015-4467 - Fix denial of service while processing crafted CHM file. bsc934529,...

6.8 CVSS, 6.4 AI score, 0.00584 EPSS
Exploits: 6, References: 13

CNVD
added 2015/02/06 12:0 a.m., 1 view

Libmspack CHM decompression pointer arithmetic denial of service vulnerability (CNVD-2015-00970)

Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. A pointer arithmetic overflow denial of service vulnerability exists in Libmspack's handling of specially crafted CHM files, which can be exploited by remote attackers to crash an applicatio...

7 AI score
Exploits: 0, References: 1

CNVD
added 2015/02/06 12:0 a.m., 1 view

Libmspack CHM decompression pointer arithmetic denial of service vulnerability (CNVD-2015-00969)

Libmspack is a library of related Microsoft compression formats such as CAB, CHM, HLP, LIT, KWAJ and SZDD. A denial of service vulnerability exists in Libmspack's handling of CHM decompression, which can be exploited by remote attackers to crash an application...

6.8 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2014/06/13 12:0 a.m., 24 views

openSUSE Security Update : apache2-mod_fcgid (openSUSE-SU-2011:0884-1)

A possible stack overflow in apache2-mod_fcgid due to wrong pointer arithmetic has been fixed. CVE-2010-3872 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

7.5 CVSS, 5.2 AI score, 0.00943 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2013/10/29 12:0 a.m., 1254 views

Apache mod_fcgid Module < 2.3.9 fcgid_header_bucket_read() Function Heap-Based Buffer Overflow

According to its self-reported banner, the Apache web server listening on this port includes a version of the mod_fcgid module earlier than 2.3.9. That reportedly has a heap-based buffer overflow vulnerability because of an error in the pointer arithmetic used in the 'fcgid_header_bucket_read'...

7.5 CVSS, 5.7 AI score, 0.06656 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2011/05/20 12:0 a.m., 24 views

Apache mod_fcgid Module fcgid_header_bucket_read() Function Remote Stack Buffer Overflow

According to its self-reported banner, the Apache web server listening on this port includes a version of the mod_fcgid module earlier than 2.3.6. As such, it has a stack-based buffer overflow vulnerability because of an error in the pointer arithmetic used in the 'fcgid_header_bucket_read' function...

7.5 CVSS, 6.8 AI score, 0.00943 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2011/05/17 12:0 a.m., 47 views

Mandriva Linux Security Advisory : mplayer (MDVSA-2011:088)

Multiple vulnerabilities have been identified and fixed in mplayer : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...

10 CVSS, 8.7 AI score, 0.09713 EPSS
Exploits: 10, References: 9

OpenVAS
added 2011/04/06 12:0 a.m., 32 views

Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)

Check for the Version of ffmpeg OpenVAS Vulnerability Test Mandriva Update for ffmpeg MDVSA-2011:060 ffmpeg Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

10 CVSS, 1.2 AI score, 0.09713 EPSS
Exploits: 9, References: 2

OpenVAS
added 2011/04/06 12:0 a.m., 30 views

Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

8.5 AI score
Exploits: 0, References: 2

NVD
added 2010/12/22 1:0 a.m., 18 views

CVE-2010-4574

The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or...

7.5 CVSS, 7.3 AI score, 0.00829 EPSS
Exploits: 0, References: 7

UbuntuCve
added 2010/12/22 1:0 a.m., 26 views

CVE-2010-4574

The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or...

7.5 CVSS, 6 AI score, 0.00829 EPSS
Exploits: 0, References: 1

Prion
added 2010/12/22 1:0 a.m., 15 views

Deserialization of untrusted data

The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or...

7.5 CVSS, 7.8 AI score, 0.00829 EPSS
Exploits: 0, References: 7, Affected Software: 2

Cvelist
added 2010/12/22 12:0 a.m., 22 views

CVE-2010-4574

The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or...

8 AI score, 0.00829 EPSS
Exploits: 0, References: 7