Download
| Alert*
oval:org.secpod.oval:def:110049
The libpng package contains a library of functions for creating and manipulating PNG image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you ... oval:org.secpod.oval:def:602338 Several vulnerabilities have been discovered in the libpng PNG library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8472 It was discovered that the original fix for CVE-2015-8126 was incomplete and did not detect a potential overrun by applications us ... oval:org.secpod.oval:def:109859 The libpng12 package provides libpng 1.2, an older version of the libpng library for manipulating PNG image format files. This version should be used only if you are unable to use the current version of libpng. oval:org.secpod.oval:def:702907 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:33708 The host is installed with Apple Mac OS X or Server 10.9.5, 10.10.5 or 10.11.x before 10.11.4 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a malicious crafted .png file. Successful exploitation could allow remote atta ... oval:org.secpod.oval:def:1200129 It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer ove ... oval:org.secpod.oval:def:505456 IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40. Security Fix: * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Softw ... oval:org.secpod.oval:def:33656 The host is missing a security update according to Apple advisory, APPLE-SA-2016-03-21-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:1501269 The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ... oval:org.secpod.oval:def:400791 This update for java-1_8_0-ibm fixes the following security issues by updating to 8.0-2.10 : - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack whe ... oval:org.secpod.oval:def:109875 The libpng10 package contains an old version of libpng, a library of functions for creating and manipulating PNG image format files. This package is needed if you want to run binaries that were linked dynamically with libpng 1.0.x. oval:org.secpod.oval:def:109996 The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG image format files. This version should be used only if you are unable to use the current version of libpng. oval:org.secpod.oval:def:109917 The libpng12 package provides libpng 1.2, an older version of the libpng library for manipulating PNG image format files. This version should be used only if you are unable to use the current version of libpng. oval:org.secpod.oval:def:505586 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM ... oval:org.secpod.oval:def:1501271 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. oval:org.secpod.oval:def:1501273 The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ... oval:org.secpod.oval:def:400762 java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 - CVE-2015-8126: Vulnerability in the AWT component related to splashs ... oval:org.secpod.oval:def:505595 IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Secur ... oval:org.secpod.oval:def:109817 The libpng10 package contains an old version of libpng, a library of functions for creating and manipulating PNG image format files. This package is needed if you want to run binaries that were linked dynamically with libpng 1.0.x. oval:org.secpod.oval:def:110000 The libpng15 package provides libpng 1.5, an older version of the libpng. library for manipulating PNG image format files. This version should be used only if you are unable to use the current version of libpng. oval:org.secpod.oval:def:52662 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:400624 java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. The following vulnerabilities were fixed: - CVE-2015-7575: Further reduce use of MD5 - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT compon ... oval:org.secpod.oval:def:501722 The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ... oval:org.secpod.oval:def:501725 The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ... oval:org.secpod.oval:def:501734 The libpng12 packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried t ... oval:org.secpod.oval:def:89045137 This update for java-1_7_1-ibm fixes the following issues by updating to 7.1-3.30 : - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using t ... oval:org.secpod.oval:def:400752 This update for java-1_7_1-ibm fixes the following issues by updating to 7.1-3.30 : - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using t ... oval:org.secpod.oval:def:204192 The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ... oval:org.secpod.oval:def:204198 The libpng12 packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried t ... oval:org.secpod.oval:def:505421 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Secur ... oval:org.secpod.oval:def:203786 The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE and png_set_PLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to ... oval:org.secpod.oval:def:34892 The host is missing a patch containing a security fixes, which affects the following package(s): Java |