CVE-2016-4570

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

Code injection

The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

CVE-2016-4571

The mxmlwritenode function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

CVE-2016-4571

CVE-2016-4571 affects the mxml library. The vulnerability is in the function mxml_write_node (file mxml-file.c) and can allow remote attackers to cause a denial of service via crafted XML, affecting versions 2.9, 2.7 and possibly earlier. Several advisories document fixes: Debian/DLA-1641-1 notes...

CVE-2016-4570

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

CVE-2016-4570

The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service stack consumption via crafted xml file...

CVE-2016-4570

CVE-2016-4570 affects the mxml library (mxml 2.9, 2.7, and earlier) via the mxmlDelete function in mxml-node.c, allowing denial of service (stack exhaustion) when processing crafted XML files. Connected advisories confirm this vulnerability and show patched packages in multiple distros: Debian (D...

Denial Of Service (DoS)

Jansson is vulnerable to denial of service DoS attacks. These attacks are possible though JSON data, causing deep recursion, stack consumption and eventually crashing the application...

Amazon Linux AMI : php56 (ALAS-2017-787)

A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf was incorrectly handled, leading in some circumstances to an out of bounds write through a very large argument to memcpy. An attacker could create a crafted image that would lead to a crash or, potentially, code...

Medium: php56

Issue Overview: A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf was incorrectly handled, leading in some circumstances to an out of bounds write through a very large argument to memcpy. An attacker could create a crafted image that would lead to a crash or,...

CVE-2016-9933

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library aka libgd before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service segmentation violation via a crafted imagefilltoborder call that...

EUVD-2016-10720

Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library aka libgd before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service segmentation violation via a crafted imagefilltoborder call that...

F5 Networks BIG-IP : libxml2 vulnerabilities (K54225343)

CVE-2016-3627 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash via a crafted XML document CVE-2016-3705 The 1...

php: Stack consumption vulnerability in Zend/zend_exceptions.c

Stack consumption vulnerability in Zend/zendexceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service segmentation fault via recursive method calls...

Amazon Linux AMI : kernel (ALAS-2016-762)

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...

Important: kernel

Issue Overview: The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers an...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-1212) (Dirty COW)

The openSUSE Leap 42.1 kernel was updated to 4.1.34, fixing bugs and security issues. The following security bugs were fixed : - CVE-2016-5195: A local privilege escalation using MAPPRIVATE was fixed, which is reportedly exploited in the wild bsc1004418. - CVE-2016-8658: Stack-based buffer overfl...

openSUSE: Security Advisory for kernel (openSUSE-SU-2016:2584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-8666

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)

This update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: geticuvalueinternal out-of-bounds read bnc982010. - CVE-2016-5094: Don't create strings with lengths outside int range bnc982011. - CVE-2016-5095: Don't create strings with...