Design/Logic Flaw

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."...

CVE-2016-8684

GraphicsMagick 1.3.25 contains a memory allocation failure in MagickMalloc (magick/memory.c) that remote attackers could trigger via a crafted image, resulting in a file truncation error for a corrupt file. Multiple connected advisories note this CVE (CVE-2016-8684) and indicate a security update...

CVE-2016-8683

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."...

CVE-2016-8683

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."...

CVE-2016-8683

GraphicsMagick 1.3.25 and earlier is affected by CVE-2016-8683 due to a vulnerability in ReadPCXImage (coders/pcx.c). Remote attackers can trigger a memory allocation failure in the PCX coder, potentially leading to denial of service. Documented in multiple advisories (e.g., Mageia MGASA-2017-022...

CVE-2016-8684

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."...

IBM Domino 8.5.x < 8.5.3 Fix Pack 6 Interim Fix 4 GIF Code Execution

According to its banner, the version of IBM Domino formerly IBM Lotus Domino running on the remote host is 8.5.x prior to 8.5.3 Fix Pack 6 FP6 Interim Fix 4 IF4. It is, therefore, potentially affected by an integer truncation error when processing GIF files. A remote attacker, using a crafted GIF...

IBM Domino 8.5.x < 8.5.3 Fix Pack 6 Interim Fix 4 GIF Code Execution (credentialed check)

The version of IBM Domino formerly IBM Lotus Domino installed on the remote host is 8.5.x prior to 8.5.3 Fix Pack 6 FP6 Interim Fix 4 IF4. It is, therefore, potentially affected by an integer truncation error when processing GIF files. A remote attacker, using a crafted GIF file, could exploit th...

IBM Domino 9.0.x < 9.0.1 Fix Pack 3 Interim Fix 2 GIF Code Execution (credentialed check)

The version of IBM Domino formerly IBM Lotus Domino installed on the remote host is 9.0.x prior to 9.0.1 Fix Pack 3 FP3 Interim Fix 2 IF2. It is, therefore, potentially affected by an integer truncation error when processing GIF files. A remote attacker, using a crafted GIF file, could exploit th...

SAP SQL Anywhere .NET Data Provider REPLICATE Function Heap Overflow Code Execution Vulnerability

This allows attackers to execute arbitrary code on applications which pass user provided data to the vulnerable API in SAP SQL Anywhere. The specific flaw exists within the handling of the REPLICATE function. If an application allows untrusted input to be used as the length of a REPLICATE functio...

Thunderbird < 24.1 NSS and NSPR Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.1.1 and is, therefore, potentially affected by the following vulnerabilities : - An error exists related to handling input greater than half the maximum size of the 'PRUint32' value. CVE-2013-1741 - An error exists in the 'NullCipher' functi...

SeaMonkey < 2.22.1 NSS and NSPR Multiple Vulnerabilities

The installed version of SeaMonkey is a version prior to 2.22.1 and is, therefore, potentially affected by the following vulnerabilities : - An error exists related to handling input greater than half the maximum size of the 'PRUint32' value. CVE-2013-1741 - An error exists in the 'NullCipher'...

CVE-2013-5176

The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service system hang by triggering a truncation error...

Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64

A numeric truncation error was found in the OpenOffice.org memory allocator. If a carefully crafted file was opened by a victim, an attacker could use this flaw to crash OpenOffice.org or, possibly, execute arbitrary code. CVE-2008-3282 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Heap overflow

Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to a...

Secunia Research: Novell GroupWise Internet Agent &quot;TZNAME&quot; Parsing Vulnerability

====================================================================== Secunia Research 27/09/2011 - Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability - ====================================================================== Table of Contents Affected...

Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)

This host is missing a critical security update according to Microsoft Bulletin MS11-011. OpenVAS Vulnerability Test $Id: secpodms11-011.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Windows Kernel Elevation of Privilege Vulnerability 2393802 Authors: Madhuri D Copyright: Copyright c 2011 SecPod...

Microsoft Windows Kernel Elevation of Privilege Vulnerability (2393802)

This host is missing a critical security update according to Microsoft Bulletin MS11-011. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Moderate: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2011-0682

CVE-2011-0682 is an Opera vulnerability caused by an integer truncation in opera.dll that can be triggered by an HTML form with a select element containing a large number of children. The issue could allow remote arbitrary code execution or memory corruption. Opera 11.01 addresses this vulnerabil...