Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-10 | CVE-2017-6314 | Infinite Loop vulnerability in multiple products The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file. | 5.5 |
| 2017-03-10 | CVE-2017-6312 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations. | 5.5 |
| 2017-03-07 | CVE-2016-5315 | Out-of-bounds Read vulnerability in multiple products The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | 5.5 |
| 2017-03-07 | CVE-2013-5653 | Information Exposure vulnerability in multiple products The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file. | 5.5 |
| 2017-03-06 | CVE-2017-6500 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ImageMagick 6.9.7. | 5.5 |
| 2017-03-06 | CVE-2017-6499 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in Magick++ in ImageMagick 6.9.7. | 5.5 |
| 2017-03-06 | CVE-2017-6498 | Improper Input Validation vulnerability in multiple products An issue was discovered in ImageMagick 6.9.7. | 5.5 |
| 2017-03-01 | CVE-2016-9830 | Improper Input Validation vulnerability in multiple products The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. | 5.5 |
| 2017-03-01 | CVE-2017-5976 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | 5.5 |
| 2017-03-01 | CVE-2017-5975 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | 5.5 |