exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

CVE-2019-7317

Status Candidate

Overview

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

Related Files

Red Hat Security Advisory 2019-2737-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
SHA-256 | da9c10b6d6ebd53b140a73576a15531540032de1ba86d3c6aaeb76c4fb7a36e6
Red Hat Security Advisory 2019-2590-01
Posted Sep 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2590-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
SHA-256 | 234bc48d41c224a36e414a4e6eaf6e56e17a3d9f680d900900e44738f1bbc2d7
Red Hat Security Advisory 2019-2592-01
Posted Sep 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2592-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
SHA-256 | 8cce86b06c59f79627522e6aee065d44b7fff974d18060c9c2f9e81f9a8163c3
Red Hat Security Advisory 2019-2585-01
Posted Sep 2, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2585-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11772, CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-7317
SHA-256 | 0a1120d0163c943c873026b0c03f05a66ec5fbb273b0312ff57db2b1947c5c9a
Red Hat Security Advisory 2019-2494-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2494-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2816, CVE-2019-7317
SHA-256 | 301774e4eb7fa31f05e30ee1408ff71a60bbb9a6a99b4c002a505cd5c28cc4b0
Red Hat Security Advisory 2019-2495-01
Posted Aug 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2495-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2019-11775, CVE-2019-2762, CVE-2019-2769, CVE-2019-2816, CVE-2019-7317
SHA-256 | afa744f86702652e505450d7a9ebe737e7e5cc662c030d48145a4b72acddf732
Gentoo Linux Security Advisory 201908-02
Posted Aug 3, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-2 - Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. Versions less than 1.6.37:0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-14048, CVE-2018-14550, CVE-2019-7317
SHA-256 | 049560f96c3f453ba6e827ec0814d8153b2f4a16c5d22d9ae2dce2d80c5fcf92
Ubuntu Security Notice USN-4083-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4083-1 - It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2818, CVE-2019-2821, CVE-2019-7317
SHA-256 | 1a9a516552f67cc0818e16bae226fc402cc11e761ed01697738ead45cac2a35f
Ubuntu Security Notice USN-4080-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-2745, CVE-2019-2762, CVE-2019-2769, CVE-2019-2786, CVE-2019-2816, CVE-2019-2842, CVE-2019-7317
SHA-256 | b2f8d3392cdd91986b9855643afae96bc0a7988a22f7cd705a4412588de93bef
Ubuntu Security Notice USN-3991-3
Posted Jun 17, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
SHA-256 | 5c1699b949d86c39c9f8b65e74e1a7f1f5a61db5769f7396a87fc70f10f4d139
Ubuntu Security Notice USN-3991-2
Posted Jun 6, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-2 - USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. Multiple security issues were discovered in Firefox.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11695, CVE-2019-11697, CVE-2019-11698, CVE-2019-7317, CVE-2019-9816, CVE-2019-9820
SHA-256 | fce0fd5359a0610ee51b72fd465faebffffb5cd18c3aad0415bf99f701eb6fea
Red Hat Security Advisory 2019-1308-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1308-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | 0c666439eb0ee41187903bdf5516b4eefff1c99118131bcf0c77da4880c360a8
Red Hat Security Advisory 2019-1309-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1309-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | 38bab4a001797943b20445d6599932849ec8d17171785f3d362667a839e70bf7
Red Hat Security Advisory 2019-1310-01
Posted Jun 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1310-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | 933c2e3d6fa11da00695be460a743aab77f1cc0a23e5598b8741cf0cacb244e8
Debian Security Advisory 4451-1
Posted May 24, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | 7c0997408a516b38bd2ff33efdab9ee1a2b6e4d2bfe479bcfc717d4f571b3aa2
Red Hat Security Advisory 2019-1269-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | fbee5170db375b3d91941cb07f2ba27bcfb9a84cf4b53b8dcccbf4fbd8716f11
Red Hat Security Advisory 2019-1267-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | c6e7155e7416cfb68cc04e1c989838cfbc3d5433f74b1b0317dbf609a6f20135
Red Hat Security Advisory 2019-1265-01
Posted May 23, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | a0c42636e0c91502637faa4f359fdb2c32abbdeeebfb99420b97ed8275037807
Debian Security Advisory 4448-1
Posted May 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2018-18511, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-11698, CVE-2019-5798, CVE-2019-7317, CVE-2019-9797, CVE-2019-9800, CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820
SHA-256 | d89f01da812aa3a226285e5880b87cf7b169f13f720a9c99ad5b79d20fac0109
Ubuntu Security Notice USN-3991-1
Posted May 21, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, spoof, xss
systems | linux, ubuntu
advisories | CVE-2019-11691, CVE-2019-11695, CVE-2019-11696, CVE-2019-11697, CVE-2019-11698, CVE-2019-11701, CVE-2019-7317, CVE-2019-9800, CVE-2019-9816, CVE-2019-9820, CVE-2019-9821
SHA-256 | 28909dfaec423e05f4608eb048743996392be70b8be76c266a132e15a974d78b
Ubuntu Security Notice USN-3962-1
Posted May 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-7317
SHA-256 | 052380ea1c71d02d8410070677e7a708f6a453a3153ccacfd6ed27ffef7d6d63
Debian Security Advisory 4435-1
Posted Apr 29, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-7317
SHA-256 | df28c2b8fc806792950ef320b38b24112132d25d54ec04f8f3aee39e69995fc1
Slackware Security Advisory - libpng Updates
Posted Apr 18, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libpng packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-14048, CVE-2018-14550, CVE-2019-7317
SHA-256 | b4b4ff26daa8f526e4c76b925e9cc0e3c2f76e411f39dbcfe285ebe048d92080
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close