ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. Date published : 2017-12-10 https://github.com/ImageMagick/ImageMagick/issues/872 https://www.debian.org/security/2017/dsa-4074
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file. Date published : 2017-12-10 http://hg.code.sf.net/p/graphicsmagick/code/rev/460ef5e858ad https://sourceforge.net/p/graphicsmagick/bugs/522/
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file. Date published : 2017-12-10 http://hg.code.sf.net/p/graphicsmagick/code/rev/a9c425688397 https://sourceforge.net/p/graphicsmagick/bugs/521/
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file. Date published : 2017-12-10 http://www.securityfocus.com/bid/102185 http://hg.code.sf.net/p/graphicsmagick/code/rev/5b8414c0d0c4
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file. Date published : 2017-12-10 http://www.securityfocus.com/bid/102164 http://hg.code.sf.net/p/graphicsmagick/code/rev/1366f2dd9931
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. Date published : 2017-12-10 http://www.securityfocus.com/bid/102155 https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. Date...
In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the...
The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles ucnv_convertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service (stack-based...
Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script...
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the...
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the...
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Sensitive tokens are included in http GET requests under certain circumstances. Date published : 2017-12-09 http://www.securityfocus.com/bid/101843 https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Adobe Experience Manager has a reflected cross-site scripting vulnerability in the HtmlRendererServlet. Date published : 2017-12-09 http://www.securityfocus.com/bid/101834 https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html