Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in impersonation of Kerberos services, denial of service, unauthorized access, sandbox bypass or HTTP header injection.
It was discovered that sam2p, a utility to convert raster images and other image formats, was affected by an integer overflow vulnerability with resultant heap-based buffer overflow in input-bmp.ci because width and height multiplications occur unsafely. This may lead to an
An integer overflow vulnerability was found in optipng, an advanced PNG optimizer that also recognizes other external file formats. This may lead to arbitrary code execution when a maliciously crafted TIFF file is processed.
Volker Lendecke of SerNet and the Samba team discovered that Samba, an SMB/CIFS file, print, and login server for Unix, is prone to a heap memory information leak, where server-allocated heap memory may be returned to the client without being cleared.