6686 matches found
August 15, 2017—KB4034670 (Preview of Monthly Rollup)
August 15, 2017—KB4034670 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4034664released August 8, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addressed an...
[SECURITY] Fedora 25 Update: k3d-0.8.0.6-8.fc25
K-3D is a complete 3D modeling, animation and rendering system. K-3D features a robust, object oriented plugin architecture, designed to scale to the needs of professional artists. It is designed from the ground up to generate motion picture quality animation using RenderMan compliant render...
[SECURITY] Fedora 26 Update: synfig-1.2.0-9.fc26.1
Synfig is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need for tweening,...
[SECURITY] Fedora 26 Update: k3d-0.8.0.6-8.fc26
K-3D is a complete 3D modeling, animation and rendering system. K-3D features a robust, object oriented plugin architecture, designed to scale to the needs of professional artists. It is designed from the ground up to generate motion picture quality animation using RenderMan compliant render...
Linux PDF rendering engine poppler suffers from a denial of service vulnerability
Poppler is used to generate a PDF of the C++ class library , from xpdf inheritance. Linux PDF rendering engine poppler Stream.cc ImageStream::ImageStream there is a denial-of-service vulnerability. Attackers can use this vulnerability to launch denial-of-service attacks...
AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability(CVE-2016-8382)
Summary An exploitable heap corruption vulnerability exists in the DocSetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send a malicious doc file to trigger this vulnerability...
Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability(CVE-2017-2814)
Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF...
Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based...
Lazy async SVG rasterisation
Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...
Lazy async SVG rasterisation
Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...
CVE-2017-2822
An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...
Design/Logic Flaw
An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...
CVE-2017-2822
An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...
CVE-2017-2822
An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack. A...
RHEL 6 : poppler (RHSA-2017:2550)
An update for poppler is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 7 : poppler (RHSA-2017:2551)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2551 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: A stack-based buffer...
CentOS 6 : poppler (CESA-2017:2550)
An update for poppler is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
poppler security update
CentOS Errata and Security Advisory CESA-2017:2551 An update for poppler is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
poppler security update
CentOS Errata and Security Advisory CESA-2017:2550 An update for poppler is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Vulnerability Spotlight: Lexmark Perceptive Document Filters Code Execution Bugs
OverviewTalos is disclosing a pair of code execution vulnerabilities in Lexmark Perceptive Document Filters. Perceptive Document Filters are a series of libraries that are used to parse massive amounts of different types of file formats for multiple purposes. Talos has previously discussed in...