The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path. Date published : 2017-03-23 http://www.securityfocus.com/bid/97283 https://bugs.launchpad.net/ubuntu/+source/pitivi/+bug/1495272
The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on...
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on...
Integer overflow in jas_image.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (application crash) via a crafted file. Date published : 2017-03-23 http://www.securityfocus.com/bid/94490 https://bugzilla.redhat.com/show_bug.cgi?id=1398251
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. Date published : 2017-03-23 http://www.securityfocus.com/bid/94492 https://bugzilla.redhat.com/show_bug.cgi?id=1398198
The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. Date published : 2017-03-23 http://www.securityfocus.com/bid/94380 https://bugzilla.redhat.com/show_bug.cgi?id=1396981
The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. Date published : 2017-03-23 http://www.securityfocus.com/bid/94382 https://bugzilla.redhat.com/show_bug.cgi?id=1396980
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. Date published : 2017-03-23 http://www.securityfocus.com/bid/94373 https://bugzilla.redhat.com/show_bug.cgi?id=1396979
The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors. Date published : 2017-03-23 http://www.securityfocus.com/bid/94379 https://bugzilla.redhat.com/show_bug.cgi?id=1396978
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. Date published : 2017-03-23 http://www.securityfocus.com/bid/94376 https://bugzilla.redhat.com/show_bug.cgi?id=1396977
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. Date published : 2017-03-23 http://www.securityfocus.com/bid/94372 https://bugzilla.redhat.com/show_bug.cgi?id=1396975
The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. Date published : 2017-03-23 http://www.securityfocus.com/bid/94377 https://bugzilla.redhat.com/show_bug.cgi?id=1396972
The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file. Date published : 2017-03-23 http://www.securityfocus.com/bid/94377 https://bugzilla.redhat.com/show_bug.cgi?id=1396971
The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer. Date published : 2017-03-23 http://www.securityfocus.com/bid/94371 https://bugzilla.redhat.com/show_bug.cgi?id=1396967