Monthly Archive: July 2017

The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav...

The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. Date published : 2017-07-31...

The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. Date published : 2017-07-31 https://www.exploit-db.com/exploits/42399/ http://seclists.org/fulldisclosure/2017/Jul/82

The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file. Date published : 2017-07-31 https://www.exploit-db.com/exploits/42398/...

The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file. Date published : 2017-07-31 https://www.exploit-db.com/exploits/42397/ http://seclists.org/fulldisclosure/2017/Jul/80

The DivFixppCore::avi_header_fix function in DivFix++Core.cpp in DivFix++ v0.34 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted avi file. Date published : 2017-07-31 https://www.exploit-db.com/exploits/42396/ http://seclists.org/fulldisclosure/2017/Jul/79

The chk_mem_access function in cpu/nes6502/nes6502.c in libnosefart.a in Nosefart 2.9-mls allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted nsf file. Date published : 2017-07-31...

The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted jpg file. Date published : 2017-07-31 http://seclists.org/fulldisclosure/2017/Jul/77 https://sourceforge.net/p/openexif/bugs/18/

The ExifImageFile::readDHT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file. Date published : 2017-07-31 http://seclists.org/fulldisclosure/2017/Jul/77 https://sourceforge.net/p/openexif/bugs/18/

The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file. Date published : 2017-07-31 http://seclists.org/fulldisclosure/2017/Jul/77 https://sourceforge.net/p/openexif/bugs/18/

The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted jpg file. Date published : 2017-07-31 http://seclists.org/fulldisclosure/2017/Jul/77 https://sourceforge.net/p/openexif/bugs/18/

The put_chars function in html_r.c in Twibright Links 2.14 allows remote attackers to cause a denial of service (buffer over-read) via a crafted HTML file. Date published : 2017-07-31 http://seclists.org/fulldisclosure/2017/Jul/76

The Time Warner firmware on Technicolor TC8717T devices sets the default Wi-Fi passphrase to a combination of the SSID and BSSID, which makes it easier for remote attackers to obtain network access by reading...

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices...