CVE-2017-14165
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the...
Read MoreAuthor: Cyberthreat Blog
CVE-2017-14164
A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow...
Read MoreVU#112992: Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML data
Vulnerability Note VU#112992 <h2>Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML data</h2> <p class=”meta-text”>Original Release date: 06 Sep 2017 | Last revised: 06 Sep...
Read MoreWrap Up of CERT Best Practices to Mitigate Insider Threats Series
We hope you enjoyed our 20-part blog series describing the best practices included in the Common Sense Guide to Mitigating Insider Threats published by the CERT Insider Threat Center. Our goal for the series was to highlight...
Read MoreCVE-2017-12476
The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4...
Read More