Red Hat Security Advisory 2020-1034-01 - Doxygen can generate an online class browser and/or a reference manual from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Issues addressed include a cross site scripting vulnerability.
2278e6814a47a0b4c553586fbdce7ff713ddd1f87da3ed06b0e806daab70e16a
Ubuntu Security Notice 4002-1 - It was discovered that Doxygen incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code and compromise sensitive information.
faabf293d23bc8e2799063cc3a36c078a7c3290e69e491adfd31c74185c9d315
Ubuntu Security Notice 3693-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
634ed74c25e81ed131de35c86f074a36feabaeb41542eefbc522a1f0d574b41e
Gentoo Linux Security Advisory 201709-7 - A vulnerability in Kpathsea allows remote attackers to execute arbitrary commands by manipulating the -tex option from mpost program. Versions less than 6.2.2_p20160523 are affected.
74393787b41ed794c957845ee6e182bd9c106d02114dbbf74a130e91b5851217
Ubuntu Security Notice 3401-1 - It was discovered that TeX Live incorrectly handled certain system commands. If a user were tricked into processing a specially crafted TeX file, a remote attacker could execute arbitrary code.
e2dd15b88bd511cf338df474d6659910010ee0c046f5ebf774a500cbf8251847
Gentoo Linux Security Advisory 201706-14 - Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 are affected.
d5896fe968f276e9777c40ceb6bb2ecf8c61938a3d77fd2a63e307b9529a3f09
Ubuntu Security Notice 3295-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
b62194c8b668f64ae29e7257348391b5c012a8addd0decc9b4f7c298876675a3
Red Hat Security Advisory 2017-1208-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
68e5ec71a7d55fddd3f5075f283c5a28ea2e0b1c9044cf97142f0c6b5e40ffcf
Debian Linux Security Advisory 3827-1 - Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed.
4170f85a10bcb8468b41aabc85e4629e67fb361a2d7f3f41e41a62a5cd16a152
Ubuntu Security Notice 3237-1 - It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code.
043ff2b27d9d296fe83b51e3661fdcb9e5855895d2618bc4c4729e92302fa76c
Red Hat Security Advisory 2016-0610-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.616. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
5145ad8c00fcfd2b59e1d57411a22febeb7e651b05d88217b455d025ff236f82