Log

CVE-2017-9253 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ the mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a
+ denial of service(large loop and CPU consumption) via a crafted mp4 file.
References
+ http://seclists.org/fulldisclosure/2017/Jun/32
Notes
CVE-2017-9254 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ the mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a
+ denial of service(large loop and CPU consumption) via a crafted mp4 file.
References
+ http://seclists.org/fulldisclosure/2017/Jun/32
Notes
CVE-2017-9255 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ the mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a
+ denial of service(large loop and CPU consumption) via a crafted mp4 file.
References
+ http://seclists.org/fulldisclosure/2017/Jun/32
Notes
CVE-2017-9256 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ the mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 can cause a
+ denial of service(large loop and CPU consumption) via a crafted mp4 file.
References
+ http://seclists.org/fulldisclosure/2017/Jun/32
Notes
CVE-2017-9257 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ the mp4ff_read_ctts in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows can cause a
+ denial of service(large loop and CPU consumption) via a crafted mp4 file.
References
+ http://seclists.org/fulldisclosure/2017/Jun/32
Notes
CVE-2017-9287 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A double-free flaw was found in the way OpenLDAP's slapd server <= 2.4.44 using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query by including the Paged Results control with a page size of 0.
References
+ http://www.openldap.org/its/?findid=8655
+ https://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=0cee1ffb6021b1aae3fcc9581699da1c85a6dd6e
Notes
CVE-2017-9300 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ It was discovered that plugins\codec\libflac_plugin.so in VideoLAN VLC media player before 2.2.7 allows remote attackers to cause a heap corruption and application crash leading to denial of service or possibly execution of arbitrary code via a crafted FLAC file.
References
+ https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3
Notes
CVE-2017-9343 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ An issue has been found in the MSNIP dissector of Wireshark < 2.2.7, where NULL pointer dereference can be triggered by injecting a malicious packet into the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-30.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725
Notes
CVE-2017-9344 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ An issue has been found in the BT L2CAP dissector of Wireshark < 2.2.7, where a division by zero can be triggered by injecting a malicious packet into the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-29.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
Notes
CVE-2017-9345 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ An issue has been found in the DNS dissector of Wireshark < 2.2.7, where an infinite loop can be triggered by injecting a malicious packet into the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2017-26.html
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
Notes