gstreamer1-plugins-bad-free security update

1.4.5-6 - Fix h264 and h265 buffer size checks - Fix mpegts pat parsing and add more size checks Resolves: rhbz1400897 1.4.5-5 - vmncdec: Sanity-check width/height before using it Resolves: rhbz1400897...

Fedora 25 : gstreamer-plugins-bad-free (2016-9c63b652a8)

vmncdec: Sanity-check width/height before using it Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

UBUNTU-CVE-2015-8870

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service heap-based buffer over-read, or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file...

CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

UBUNTU-CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

libtiff: OOB read in bmp2tiff

Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image...

libtiff: OOB read in bmp2tiff

Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image...

Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0160 Oracle OIT ImageExport libvsbmp BMP BIRLE8 Width Code Execution Vulnerability July 19, 2016 Description A vulnerability in libvseshr can lead to remote code execution while parsing a specially crafted Word document containing a reference to Escher drawin...

FreeBSD : xen-kernel -- x86 shadow pagetables: address width overflow (d51ced72-4212-11e6-942d-bc5ff45d0f28)

The Xen Project reports : In the x86 shadow pagetable code, the guest frame number of a superpage mapping is stored in a 32-bit field. If a shadowed guest can cause a superpage mapping of a guest-physical address at or above 2^44 to be shadowed, the top bits of the address will be lost, causing a...

php imagecreatefrom* functions of the png-vulnerability warning-the black bar safety net

0x00 introduction This article mainly analyzes the php using the GD library imagecreatefrompng function to rebuild the png image may lead to local file inclusion vulnerability. When the system is the existence of the file contains the points, can contain a picture file; in addition the system the...

Fedora 24 : xen-4.6.1-6.fc24 (2016-48e72b7bc5)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

Fedora 23 : xen-4.5.3-2.fc23 (2016-35d7b09908)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

Fedora 22 : xen-4.5.3-2.fc22 (2016-75063477ca)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

CVE-2015-7555

Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service program crash via crafted image and logical screen width fields in a GIF file...

DEBIAN-CVE-2015-8668

Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image...

CVE-2015-8668

Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image...

UBUNTU-CVE-2015-8668

Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image...

PT-2016-3942 · Libtiff +4 · Libtiff +4

Name of the Vulnerable Software and Affected Versions: libtiff versions 4.0.6 and earlier Description: The issue is related to a heap-based buffer overflow in the PackBitsPreEncode function in tif packbits.c in bmp2tiff, which allows remote attackers to execute arbitrary code or cause a denial of...