Articles with tag: Advisories
POSTED BY: Stelios Tsampas / 11.01.2016

GDCM out of bounds read in JPEGLSCodec :: DecodeExtent

CENSUS ID:CENSUS-2016-0002
CVE ID:CVE-2015-8397
Affected Products:Applications that use GDCM versions < 2.6.2 to process JPEG-LS images
Class:Out-of-bounds Read (CWE-125)
Discovered by:Stelios Tsampas

Grassroots DICOM (GDCM) is a C++ library for processing DICOM medical images. It provides routines to view and manipulate a wide range of image formats and can be accessed through many popular programming languages like Python, C#, Java and PHP. Various applications that make use of GDCM are listed here and here.


POSTED BY: Stelios Tsampas / 11.01.2016

GDCM buffer overflow in ImageRegionReader :: ReadIntoBuffer

CENSUS ID:CENSUS-2016-0001
CVE ID:CVE-2015-8396
Affected Products:Applications using GDCM versions < 2.6.2 and the ImageRegionReader :: ReadIntoBuffer API call
Class:Integer Overflow or Wraparound (CWE-190)
Discovered by:Stelios Tsampas

Grassroots DICOM (GDCM) is a C++ library for processing DICOM medical images. It provides routines to view and manipulate a wide range of image formats and can be accessed through many popular programming languages like Python, C#, Java and PHP. Various applications that make use of GDCM are listed here and here.


POSTED BY: Dimitrios Glynos / 12.05.2014

Oracle WebCenter information exposure vulnerability

CENSUS ID:CENSUS-2014-0001
CVE ID:CVE-2014-0450
Oracle Tracking #:S0388414 (CPUApr2014)
Affected Products:Oracle Fusion Middleware (versions 11.1.1.7 and 11.1.1.8)
Class:Information Exposure (CWE-200), Privacy Violation (CWE-359)
Remote:Yes
Discovered by:Alex Zaharis
Researched by:Alex Zaharis, Patroklos Argyroudis

The Oracle WebCenter portal component in Oracle Fusion Middleware (versions 11.1.1.7 and 11.1.1.8) is vulnerable to an information exposure vulnerability. A malicious user may utilize this vulnerability to gain unauthenticated access to the list of valid usernames of the system, the users’ personal information and files linked to the users’ profiles.


POSTED BY: Dimitrios Glynos / 25.02.2012

libpurple OTR information leakage

census ID:census-2012-0001
CVE ID:CVE-2012-1257
Affected Products:libpurple (all versions), libpurple clients with DBUS support (incl. all versions of pidgin), pidgin-otr (all versions)
Class:Information Exposure (CWE-200), Privacy Violation (CWE-359), Information Exposure Through Sent Data (CWE-201)
Remote:No
Discovered by:Dimitris Glynos

libpurple-based applications broadcast the plaintext of OTR (off-the-record) conversations over DBUS. This makes the plaintext available to other (possibly unrelated) applications executing under the same user. Also, due to a design flaw in libpurple, the user’s choice of not logging OTR plaintext on Pidgin is not communicated over to the third party applications listening on DBUS. This may lead to unintentional (on disk) logging of private messages.