The _iprintf function in outputtxt.c in the listswf tool in libming 0.4.7 allows remote attackers to cause a denial of service (buffer over-read) via a crafted SWF file.
Monthly Archives: February 2017
CVE-2016-9814
The validateSignature method in the SAML2Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.
CVE-2016-9773
Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9556.
CVE-2016-9955
The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.
CVE-2017-5357 (ed, fedora)
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
Bugtraq: KL-001-2017-001 : Trendmicro InterScan Arbitrary File Write
Bugtraq: KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability
Bugtraq: [SYSS-2017-001] Simplessus Files: SQL Injection
Bugtraq: [SYSS-2017-004] Simplessus Files: Path Traversal
RHBA-2017:0283-1: Red Hat JBoss Operations Network Agent RPM 3.3 (update 08) EAP 6
Red Hat Enterprise Linux: Updated jboss-on-agent packages that fix several bugs and add various enhancements are now available.