what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

CVE-2019-7317

Status Candidate

Overview

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

Related Files

Red Hat Security Advisory 2019-2494-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2494-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2816, CVE-2019-7317
MD5 | e024dbae32cef445c398240101eadb90
Red Hat Security Advisory 2019-2495-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2495-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2816, CVE-2019-7317
MD5 | 24d4ed87408dbf51984edd9a4a7d4d8a
Gentoo Linux Security Advisory 201908-02
Posted Aug 3, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-2 - Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. Versions less than 1.6.37:0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-14048, CVE-2018-14550, CVE-2019-7317
MD5 | ebad5c9a795530c0a2ee2008cc6663f6
Ubuntu Security Notice USN-4083-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4083-1 - It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2818, CVE-2019-2821, CVE-2019-7317
MD5 | 5d18b6361a207a5b286a6992f7008225
Ubuntu Security Notice USN-4080-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-2745, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2842, CVE-2019-7317
MD5 | 8dd0e6f5f11d95cfefe11d8f906c122e
Ubuntu Security Notice USN-3991-3
Posted Jun 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
MD5 | 8c5b15a8d0783dd7f81983d70f7b5a54
Ubuntu Security Notice USN-3991-2
Posted Jun 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-2 - USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. Multiple security issues were discovered in Firefox.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
MD5 | dfe92b399280a2bd7624c1594870919f
Red Hat Security Advisory 2019-1308-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1308-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 3799e04910ea71ee18e5ca0bbf8d617a
Red Hat Security Advisory 2019-1309-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1309-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 83acd407b7b9c83c1e892baf897da3dd
Red Hat Security Advisory 2019-1310-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1310-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | a15ddb28faf928a9133819f11ccecfaa
Debian Security Advisory 4451-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 59a609958def5924c2510dc7835f61d8
Red Hat Security Advisory 2019-1269-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 425d5423e580dbfd5416ae1a3c86ff5c
Red Hat Security Advisory 2019-1267-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | e73ac7e2d27531b4bb229fecc5310833
Red Hat Security Advisory 2019-1265-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 665a4248296acddccf6877f808db5ba8
Debian Security Advisory 4448-1
Posted May 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 38f258bf454c1e2f51d5d76bae0e17af
Ubuntu Security Notice USN-3991-1
Posted May 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof, xss
systems | linux, ubuntu
advisories | CVE-2019-11691, CVE-2019-11695, CVE-2019-11696, CVE-2019-11697, CVE-2019-11698, CVE-2019-11701, CVE-2019-7317, CVE-2019-9800, CVE-2019-9816, CVE-2019-9820, CVE-2019-9821
MD5 | d157c03ec1158e7291ba7c7c580166d3
Ubuntu Security Notice USN-3962-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7317
MD5 | f4ed0cb626722f39697532c827906c34
Debian Security Advisory 4435-1
Posted Apr 29, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-7317
MD5 | 91303436378ae37f2510c65fdc62ed5e
Slackware Security Advisory - libpng Updates
Posted Apr 18, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libpng packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-14048, CVE-2018-14550, CVE-2019-7317
MD5 | 1bd2113720ded8f13601059ac9486d09
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close