Updated imagemagick packages fix security vulnerability

Imagemagick has been updated to version 6.9.10.0 to fix several bugs and possible security issues. - Fixed numerous use of uninitialized values, integer overflow, memory exceeded, and timeouts - Missing break when checking "compliance" element. - Fixed errant 'not enough pixel data' - Fixed...

DEBIAN-CVE-2018-10111

An issue was discovered in GEGL through 0.3.32. The renderrectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service application crash upon allocation failure...

UBUNTU-CVE-2018-10111

An issue was discovered in GEGL through 0.3.32. The renderrectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service application crash upon allocation failure...

VMware VNC Dynamic Resolution Request Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a heap overflow resulting in heap corruption. An attacker can create a VNC session to trigger this vulnerability. Tested Versions Vase,...

ghostscript: NULL pointer dereference in mem_get_bits_rectangle()

A NULL pointer dereference flaw was found in ghostscript's memgetbitsrectangle function. A specially crafted postscript document could cause a crash in the context of the gs process...

tigervnc: Buffer overflow in ModifiablePixelBuffer::fillRect

A buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer. A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service...

ALPINE-CVE-2017-5951

The memgetbitsrectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file...

DEBIAN-CVE-2017-5884

gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted 1 rre, 2 hextile, or 3 copyrect tile...

LibVNCServer LibVNCClient FramebufferUpdate Rectangle Heap Buffer Overflow (CVE-2016-9941)

A heap-based buffer overflow has been reported in LibVNCServer LibVNCClient. The vulnerability is due to improper handling of FramebufferUpdate messages with specially crafted rectangles. A remote attacker could exploit this vulnerability by enticing a user to connect to a malicious VNC server an...

Adobe Flash - Use-After-Free When Returning Rectangle

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=842 Several methods in flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a MovieClip, the Rectangle instantiation will run on its thread...

Adobe Flash - Use-After-Free When Returning Rectangle

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=842 Several methods in flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a MovieClip...

Adobe Flash - Use-After-Free When Returning Rectangle

Adobe Flash - Use-After-Free When Returning Rectangle Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=842 Several methods in flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)

qemu was updated to fix 37 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=359&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Deadline tracking for https://code.google.com/p/chromium/issues/detail?id=482521 --- VULNERABILITY DETAILS When setting the scrollRect attribute o...

Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free

Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=359&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Deadline tracking for https://code.google.com/p/chromium/issues/detail?id=482521 ---...

Adobe Flash - Drawing Methods 'this' Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=388&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There are use-after frees realated to storing a single pointer this this pointer in several MovieClip drawing methods, including beginFill,...

Memory corruption

The vmware-vga driver hw/display/vmwarevga.c in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling...

DEBIAN-CVE-2014-3689

The vmware-vga driver hw/display/vmwarevga.c in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling...

CVE-2014-3689

The vmware-vga driver hw/display/vmwarevga.c in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling...

[SECURITY] [DSA 3066-1] qemu security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3066-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...