what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

CVE-2019-7317

Status Candidate

Overview

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

Related Files

Red Hat Security Advisory 2019-2737-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
MD5 | d857fc43423f89c7e92d419b41cce979
Red Hat Security Advisory 2019-2590-01
Posted Sep 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2590-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
MD5 | 193ad3e4a6f765ff51efec9b9c78a7f9
Red Hat Security Advisory 2019-2592-01
Posted Sep 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2592-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
MD5 | 118cf2f2f0c57e2216408812fe6c1d39
Red Hat Security Advisory 2019-2585-01
Posted Sep 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2585-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
MD5 | 1007a9e174972511875aa0933d61fed6
Red Hat Security Advisory 2019-2494-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2494-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2816, CVE-2019-7317
MD5 | e024dbae32cef445c398240101eadb90
Red Hat Security Advisory 2019-2495-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2495-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2816, CVE-2019-7317
MD5 | 24d4ed87408dbf51984edd9a4a7d4d8a
Gentoo Linux Security Advisory 201908-02
Posted Aug 3, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-2 - Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. Versions less than 1.6.37:0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-14048, CVE-2018-14550, CVE-2019-7317
MD5 | ebad5c9a795530c0a2ee2008cc6663f6
Ubuntu Security Notice USN-4083-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4083-1 - It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2818, CVE-2019-2821, CVE-2019-7317
MD5 | 5d18b6361a207a5b286a6992f7008225
Ubuntu Security Notice USN-4080-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-2745, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2842, CVE-2019-7317
MD5 | 8dd0e6f5f11d95cfefe11d8f906c122e
Ubuntu Security Notice USN-3991-3
Posted Jun 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
MD5 | 8c5b15a8d0783dd7f81983d70f7b5a54
Ubuntu Security Notice USN-3991-2
Posted Jun 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-2 - USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. Multiple security issues were discovered in Firefox.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
MD5 | dfe92b399280a2bd7624c1594870919f
Red Hat Security Advisory 2019-1308-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1308-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 3799e04910ea71ee18e5ca0bbf8d617a
Red Hat Security Advisory 2019-1309-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1309-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 83acd407b7b9c83c1e892baf897da3dd
Red Hat Security Advisory 2019-1310-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1310-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | a15ddb28faf928a9133819f11ccecfaa
Debian Security Advisory 4451-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 59a609958def5924c2510dc7835f61d8
Red Hat Security Advisory 2019-1269-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 425d5423e580dbfd5416ae1a3c86ff5c
Red Hat Security Advisory 2019-1267-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | e73ac7e2d27531b4bb229fecc5310833
Red Hat Security Advisory 2019-1265-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 665a4248296acddccf6877f808db5ba8
Debian Security Advisory 4448-1
Posted May 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
MD5 | 38f258bf454c1e2f51d5d76bae0e17af
Ubuntu Security Notice USN-3991-1
Posted May 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof, xss
systems | linux, ubuntu
advisories | CVE-2019-11691, CVE-2019-11695, CVE-2019-11696, CVE-2019-11697, CVE-2019-11698, CVE-2019-11701, CVE-2019-7317, CVE-2019-9800, CVE-2019-9816, CVE-2019-9820, CVE-2019-9821
MD5 | d157c03ec1158e7291ba7c7c580166d3
Ubuntu Security Notice USN-3962-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7317
MD5 | f4ed0cb626722f39697532c827906c34
Debian Security Advisory 4435-1
Posted Apr 29, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-7317
MD5 | 91303436378ae37f2510c65fdc62ed5e
Slackware Security Advisory - libpng Updates
Posted Apr 18, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libpng packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-14048, CVE-2018-14550, CVE-2019-7317
MD5 | 1bd2113720ded8f13601059ac9486d09
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close