Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-15 | CVE-2016-9560 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. | 7.8 |
2017-02-15 | CVE-2016-9010 | 7PK - Security Features vulnerability in IBM Integration BUS and Websphere Message Broker IBM WebSphere Message Broker 9.0 and 10.0 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
2017-02-15 | CVE-2016-8972 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. | 7.8 |
2017-02-15 | CVE-2016-8968 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management 6.0.0/6.0.1/6.0.2 IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
2017-02-15 | CVE-2016-8944 | Improper Input Validation vulnerability in IBM AIX 7.1/7.2 IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. | 5.5 |
2017-02-15 | CVE-2016-8866 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. | 8.8 |
2017-02-15 | CVE-2016-8862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. | 8.8 |
2017-02-15 | CVE-2016-8693 | Double Free vulnerability in multiple products Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command. | 7.8 |
2017-02-15 | CVE-2016-8692 | Divide By Zero vulnerability in multiple products The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command. | 5.5 |
2017-02-15 | CVE-2016-8691 | Divide By Zero vulnerability in multiple products The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command. | 5.5 |