CVSS: 8.1EPSS: 0%CPEs: 15EXPL: 1CVE-2017-6009 – icoutils: Buffer overflow in the decode_ne_resource_id function
https://notcve.org/view.php?id=CVE-2017-6009
An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decode_ne_resource_id" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a failed memcpy. This affects wrestool. Se descubrió un problema en icoutils 0.31.1. • http://rhn.redhat.com/errata/RHSA-2017-0837.html http://www.debian.org/security/2017/dsa-3807 http://www.securityfocus.com/bid/96292 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854050 https://security.gentoo.org/glsa/201801-12 https://access.redhat.com/security/cve/CVE-2017-6009 https://bugzilla.redhat.com/show_bug.cgi?id=1422906 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 3CVE-2016-9560 – jasper: stack-based buffer overflow in jpc_dec_tileinit()
https://notcve.org/view.php?id=CVE-2016-9560
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. El desbordamiento del búfer basado en la pila en la función jpc_tsfb_getbands2 en jpc_tsfb.c en JasPer antes de la versión 1.900.30 permite a los atacantes remotos tener un impacto no especificado a través de una imagen manipulada • http://www.debian.org/security/2017/dsa-3785 http://www.openwall.com/lists/oss-security/2016/11/20/1 http://www.openwall.com/lists/oss-security/2016/11/23/5 http://www.securityfocus.com/bid/94428 https://access.redhat.com/errata/RHSA-2017:1208 https://blogs.gentoo.org/ago/2016/11/20/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2016-9560 https://github.com/mdadams/jasper& • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 0CVE-2016-9578 – spice: Remote DoS via crafted message
https://notcve.org/view.php?id=CVE-2016-9578
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. Se ha descubierto una vulnerabilidad en SPICE en versiones anteriores a la 0.13.90 en el manejo del protocolo del servidor. Un atacante capaz de conectarse al servidor de SPICE podría enviar mensajes manipulados que podría provocar el cierre inesperado del proceso. A vulnerability was discovered in SPICE in the server's protocol handling. • http://rhn.redhat.com/errata/RHSA-2017-0253.html http://rhn.redhat.com/errata/RHSA-2017-0549.html http://www.securityfocus.com/bid/96118 https://access.redhat.com/errata/RHSA-2017:0254 https://access.redhat.com/errata/RHSA-2017:0552 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9578 https://www.debian.org/security/2017/dsa-3790 https://access.redhat.com/security/cve/CVE-2016-9578 https://bugzilla.redhat.com/show_bug.cgi?id=1399566 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 1%CPEs: 13EXPL: 0CVE-2016-9577 – spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages
https://notcve.org/view.php?id=CVE-2016-9577
A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. Se ha descubierto una vulnerabilidad en SPICE en versiones anteriores a la 0.13.90 en el manejo del protocolo del servidor. Un atacante autenticado podría enviar mensajes al servidor SPICE provocando un desbordamiento de memoria dinámica (heap) que provocaría un cierre inesperado o una posible ejecución de código. A vulnerability was discovered in SPICE in the server's protocol handling. • http://rhn.redhat.com/errata/RHSA-2017-0253.html http://rhn.redhat.com/errata/RHSA-2017-0549.html http://www.securityfocus.com/bid/96040 https://access.redhat.com/errata/RHSA-2017:0254 https://access.redhat.com/errata/RHSA-2017:0552 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9577 https://www.debian.org/security/2017/dsa-3790 https://access.redhat.com/security/cve/CVE-2016-9577 https://bugzilla.redhat.com/show_bug.cgi?id=1401603 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.1EPSS: 1%CPEs: 58EXPL: 0CVE-2016-10165 – lcms2: Out-of-bounds read in Type_MLU_Read()
https://notcve.org/view.php?id=CVE-2016-10165
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. La función Type_MLU_Read en cmstypes.c en Little CMS (también conocido como lcms2) permite a atacantes remotos obtener información sensible o provocar una denegación de servicio a través de una imagen con un perfil ICC manipulado, lo que desencadena una lectura de memoria dinámica fuera de límites. • http://lists.opensuse.org/opensuse-updates/2017-01/msg00174.html http://rhn.redhat.com/errata/RHSA-2016-2079.html http://rhn.redhat.com/errata/RHSA-2016-2658.html http://www.debian.org/security/2017/dsa-3774 http://www.openwall.com/lists/oss-security/2017/01/23/1 http://www.openwall.com/lists/oss-security/2017/01/25/14 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/95808 http://www.securitytracker.com/id& • CWE-125: Out-of-bounds Read •