An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap allocated buffer. The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet allows overwriting the least significant byte of next heap chunk metadata with 0x2E. A network attacker capable of providing DNS responses to a nginx server can achieve Denial-of-Service and likely remote code execution. Due to the lack of DNS spoofing mitigations in nginx and the fact that the vulnerable function is called before checking the DNS Transaction ID, remote attackers might be able to exploit this vulnerability by flooding the victim server with poisoned DNS responses in a feasible amount of time.
3dfbbfc75ab8248919c960e6279f4525444e77d8b1532e2dc80da38820b690c4
An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA version 4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file.
183f1463a17d86e57cdffc4bbe68da6feacd0ea4ddea585d5da2223c4199d865
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival's bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries. Proof of concept included.
643f39b2a94fbeb126dfc6e857751a1e90b11ec7a3a02e0368174a11f3c10689
A type confusion has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash the process or leak information from the client system via calendar replies. Proof of concept included.
ef2673a39e913d07181596a62fd8c9246e3d5812f7d9b077e77524dc51376013
A stack-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.
47c3eb61b29367d5a2946ff2994c08510a93a27c3f70aae7b73521d1c8fa4c8e
A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.
fbc427324f7bbbd52b32d86534519facca35022c50ab621232e63a61a9d5146c
A heap-based buffer overflow has been identified in the Thunderbird email client. The issue is present in the libical implementation, which was forked from upstream libical version 0.47. The issue can be triggered remotely, when an attacker sends an specially crafted calendar attachment and does not require user interaction. It might be used by a remote attacker to crash or gain remote code execution in the client system. Proof of concept included.
766c136bb2357c16dd4df02ef330217cd6ff8d8808169a3d9f9621d7f7750e6c
Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing an specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are affected.
a6ae5d3d4dedcc85875a8b486ef5cb3f062250e0ddef95b52ca59a9b77f9c066