SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step==SQLITE_ROW` is false and a data structure is never initialized. An attacker might use this for a denial of service. Fixed in:¶ 3.21.0
The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. A flaw was discovered in the JNLP implementation in IcedTea-Web. An unsigned Java Web Start application could use this flaw to manipulate the co ...
The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. Note: The RHSA-2010:0987 and RHSA-2011:029 ...
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE and Java for Business Critical Patch Update Advisory page, listed in the References se ...
Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Description The IcedTea-Web ...
CVE-2017-7592: Left shift of unsigned char without a cast. The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image.
CVE-2017-7592: Left shift of unsigned char without a cast; The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image.