LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to “WRITE of size 2048” and libtiff/tif_next.c:64:9.
Monthly Archives: March 2017
CVE-2016-10266
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.
CVE-2016-10267
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.
CVE-2016-10268
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to “READ of size 78490” and libtiff/tif_unix.c:115:23.
Debian Security Advisory 3817-1
Debian Linux Security Advisory 3817-1 – Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened.
Ubuntu Security Notice USN-3233-1
Ubuntu Security Notice 3233-1 – Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, cause a denial of service via application crash or hang, or execute arbitrary code.
Instagram Adds Two-Factor Authentication
Instagram became the latest in a long line of services over the years to offer users two-factor authentication.
Conan Exiles Early Access Review: Welcome to Hyboria
Open world survival games like ARK: Survival Evolved, Rust, and 7 Days to Die, are a big thing right now – it seems like there is a new one being released every other day on Steam. While the setting may differ most of them have one thing in common: They were developed by indie developers. […]
The post Conan Exiles Early Access Review: Welcome to Hyboria appeared first on Avira Blog.
CVE-2016-2224
The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply.
CVE-2016-3179
The processRequest function in minissdpd.c in MiniSSDPd 1.2.20130907-3 allows local users to cause a denial of service (invalid free and daemon crash) via vectors related to error handling.