Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28037 of 28105

CVE-2017-7452

Posted by Cyberthreat Blog | Apr 5, 2017 | CVE Notifications |

The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

CVE-2017-7454

Posted by Cyberthreat Blog | Apr 5, 2017 | CVE Notifications |

The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2017-7453

Posted by Cyberthreat Blog | Apr 5, 2017 | CVE Notifications |

The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

CVE-2017-7447

Posted by Cyberthreat Blog | Apr 5, 2017 | CVE Notifications |

HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.

CVE-2017-7446

Posted by Cyberthreat Blog | Apr 5, 2017 | CVE Notifications |

HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.

Author: Cyberthreat Blog

CVE-2017-7452

CVE-2017-7454

CVE-2017-7453

CVE-2017-7447

CVE-2017-7446