» 2017 » 2월

CVE-2016-5240 (graphicsmagick)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2016-5240 (graphicsmagick)

The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.

Source: CVE-2016-5240 (graphicsmagick)

CVE-2015-8901 (imagemagick)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2015-8901 (imagemagick)

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

Source: CVE-2015-8901 (imagemagick)

CVE-2015-8902 (imagemagick)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2015-8902 (imagemagick)

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

Source: CVE-2015-8902 (imagemagick)

CVE-2015-8900 (imagemagick)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2015-8900 (imagemagick)

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.

Source: CVE-2015-8900 (imagemagick)

CVE-2015-8903 (imagemagick)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2015-8903 (imagemagick)

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

Source: CVE-2015-8903 (imagemagick)

CVE-2016-9817 (xen)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2016-9817 (xen)

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set.

Source: CVE-2016-9817 (xen)

CVE-2016-9816 (xen)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2016-9816 (xen)

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2.

Source: CVE-2016-9816 (xen)

CVE-2016-10029 (qemu)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2016-10029 (qemu)

The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.

Source: CVE-2016-10029 (qemu)

CVE-2016-10028 (qemu)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2016-10028 (qemu)

The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.

Source: CVE-2016-10028 (qemu)

CVE-2016-9818 (xen)

Posted on 2017년 2월 28일2017년 3월 1일 by admin

CVE-2016-9818 (xen)

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP.

Source: CVE-2016-9818 (xen)