Results of fuzzing activities

libofx Segmentation fault with crafted sample in lib/ofx_containers_misc.cpp OfxPushUpContainer::add_attribute

libofx CVE-2017-14731: ofxdump heap-buffer-overflow

libwpd: Segmentation fault in src/lib/WPXTable.h:89 WPXTableList::operator

LAME: buffer overflow in HIP decoder

MongoDB: multiple reported issues

CVE-2017-14348: LibRaw 0.18.3 Heap-based buffer overflow in LibRaw::processCanonCameraInfo

CVE-2017-13049: The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().

libicns heap-buffer-overflow icns2png.c:359 ExtractAndDescribeIconFamilyFile

LAME global-buffer-overflow mpglib/layer2.c:144 II_step_one in 2017-08-22 CVS

LAME global-buffer-overflow mpglib/layer3.c:1244 III_i_stereo in 2017-08-19 CVS

LAME stack-buffer-overflow mpglib/layer3.c:945 III_dequantize_sample in 2017-08-19 CVS

LAME stack-buffer-overflow mpglib/layer3.c:1264 III_i_stereo in 2017-08-18 CVS

LAME global-buffer-overflow mpglib/layer2.c:144 II_step_one in 2017-08-18 CVS

LAME double-free in 2017-08-18 CVS

giflib Floating point exception in giftext utility in function PrintCodeBlock

exifprobe multiple vulnerabilities

CVE-2017-5340: PHP 7 Use of uninitialized memory in unserialize
Fixed in 7.1.1 and 7.0.15.

CVE-2016-9448: LibTIFF invalid read of size 1 in TIFFFetchNormalTag

CVE-2016-9532: LibTIFF tiffcrop tool heap buffer overflow via writeBufferToSeparateStrips

CVE-2016-5102: libtiff gif2tiff tool buffer overflow in readgifimage()

CVE-2016-3977: giflib gif2rgb heap buffer overflow

CVE-2016-3982: optipng heap buffer overflow pngxrbmp.c bmp_read_rows
Debian DSA-3546 Ubuntu USN-2951-1

CVE-2016-3981: optipng heap buffer overflow pngxrbmp.c bmp_rle4_fread
Debian DSA-3546 Ubuntu USN-2951-1

poppler: segmentation fault in XRef::getEntry at

metacam: SIGBUS, Bus error at

metacam: segmentation fault at getRATIONAL

metacam: segmentation fault in tiffRATIONAL::normalize at

exifprobe: denial of service

exifprobe: double free or corruption

dmg2img: denial of service issue

dmg2img: convert_char8 out of bounds, segmentation fault at dmg2img.h:87

dmg2img: ADC decompress segmentation fault at adc.c:66

dmg2img: invalid read, segmentation fault at dmg2img.c:390

lame: segmentation fault at get_audio.c:865

lame: fill_buffer_resample segmentation fault

PyPDF2: Denial of service
Fixed in Debian 8.6 point update with a patch.

enzyme: multiple input handling issues
Diaoul/enzyme/9 Diaoul/enzyme/10 Diaoul/enzyme/11
Diaoul/enzyme/12 Diaoul/enzyme/13 Diaoul/enzyme/14
Diaoul/enzyme/15 Diaoul/enzyme/16 Diaoul/enzyme/17
Diaoul/enzyme/18 Diaoul/enzyme/19 Diaoul/enzyme/20
Diaoul/enzyme/21 Diaoul/enzyme/22