Ubuntu Security Notice 3693-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
634ed74c25e81ed131de35c86f074a36feabaeb41542eefbc522a1f0d574b41eUbuntu Security Notice 3670-1 - Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.
cba8a2e28c73b05551966e6f681349ffd0bf42b5553713c3cf8a26cae4032542Ubuntu Security Notice 3571-1 - It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to inject arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS. It was discovered that Erlang incorrectly checked CBC padding bytes. A remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.
17cd261b5bd06018d5a33b401a3ff15f84875562d975783f5ffda1ae13006e8fGentoo Linux Security Advisory 201710-10 - Multiple vulnerabilities have been found in elfutils, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 0.169-r1 are affected.
70260518685556fb869ffc6423adb02280c238fa013e7c02fbd51c084cc9df76Ubuntu Security Notice 3295-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
b62194c8b668f64ae29e7257348391b5c012a8addd0decc9b4f7c298876675a3Red Hat Security Advisory 2017-1208-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
68e5ec71a7d55fddd3f5075f283c5a28ea2e0b1c9044cf97142f0c6b5e40ffcfDebian Linux Security Advisory 3827-1 - Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed.
4170f85a10bcb8468b41aabc85e4629e67fb361a2d7f3f41e41a62a5cd16a152Red Hat Security Advisory 2016-0610-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.616. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
5145ad8c00fcfd2b59e1d57411a22febeb7e651b05d88217b455d025ff236f82
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed