Lucene search
K

2474 matches found

CVE
CVE
added 2007/04/11 1:0 a.m.62 views

CVE-2007-1943

CVE-2007-1943 affects ACDSee Photo Manager 9.0, where an integer overflow occurs while processing BMP images with large widths. This context-dependent vulnerability can cause a denial of service and potentially allow arbitrary code execution, as demonstrated by crafted BMP files (e.g., w3intof.bm...

9.3CVSS7.6AI score0.09371EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2007/04/11 1:0 a.m.64 views

CVE-2007-1946

CVE-2007-1946 is described as an integer overflow in Windows Explorer on Windows XP SP1 that could allow denial of service and possibly arbitrary code execution via a crafted BMP image (w4intof.bmp). The connected OpenVAS and FreeBSD VuXML entries reference BMP/image parsing-related overflow issu...

10CVSS7.7AI score0.26065EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/04/11 1:0 a.m.28 views

CVE-2007-1946

Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp...

7.7AI score0.26065EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/04/11 1:0 a.m.23 views

CVE-2007-1943

Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp...

7.6AI score0.09371EPSS
Exploits1References8
CVE
CVE
added 2007/04/11 1:0 a.m.50 views

CVE-2007-1942

FastStone Image Viewer 2.9 is affected by CVE-2007-1942 due to an integer overflow while processing BMP images. The vulnerability allows a context‑dependent attacker to cause a denial of service and potentially execute arbitrary code, as demonstrated by crafted BMPs wh3intof.bmp and wh4intof.bmp....

9.3CVSS7.5AI score0.09082EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2007/04/11 1:0 a.m.27 views

CVE-2007-1942

Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp...

7.5AI score0.09082EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/04/11 1:0 a.m.29 views

CVE-2007-1948

Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the 1 xoffset or 2 yoffset RLE command, or 3 large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp...

7.7AI score0.08256EPSS
Exploits1References5
exploitpack
exploitpack
added 2007/04/04 12:0 a.m.14 views

IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities

IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities // source: https://www.securityfocus.com/bid/23318/info IrfanView is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issue...

Exploits0
exploitpack
exploitpack
added 2007/04/04 12:0 a.m.19 views

ACDSee 9.0 Photo Manager - Multiple .BMP Denial of Service Vulnerabilities

ACDSee 9.0 Photo Manager - Multiple .BMP Denial of Service Vulnerabilities // source: https://www.securityfocus.com/bid/23317/info ACDSee 9.0 Photo Manager is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successful...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/04 12:0 a.m.21 views

IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities

// source: https://www.securityfocus.com/bid/23318/info IrfanView is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issues allows attackers to crash the affected application. Due to the...

7AI score
Exploits0
FreeBSD
FreeBSD
added 2007/04/04 12:0 a.m.33 views

p5-Imager -- possibly exploitable buffer overflow

Imager 0.56 and all earlier versions with BMP support have a security issue when reading compressed 8-bit per pixel BMP files where either a compressed run of data or a literal run of data overflows the scan-line. Such an overflow causes a buffer overflow in a malloc allocated memory buffer,...

9.3CVSS6.9AI score0.09082EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2007/03/27 11:7 p.m.53 views

USN-445-1: XMMS vulnerabilities

Sven Krewitt of Secunia Research discovered that XMMS did not correctly handle BMP images when loading GUI skins. If a user were tricked into loading a specially crafted skin, a remote attacker could execute arbitrary code with user privileges...

9.3CVSS5.5AI score0.06479EPSS
Exploits0
myhack58
myhack58
added 2006/12/13 12:0 a.m.20 views

Hacking tricks of using pictures do Trojan applications completely resolution-vulnerability warning-the black bar safety net

What is a BMP web page Trojan. It and last long with the stink of a MIME header vulnerability of Trojans different, MIME Trojans is to put an EXE file with a MIME-encoded as an EMLOUT LOOK mailthe file, put it on a web page using IE and OE coding vulnerability to automatically download and execut...

0.3AI score
Exploits0
myhack58
myhack58
added 2006/11/22 12:0 a.m.16 views

Hidden in the picture behind the secret-vulnerability warning-the black bar safety net

The image size is not the same, browse pictures when you can't see the slightest problem, whether you think its a picture of a seemingly ordinary BMP picture, but hidden mystery for? Want to Ferret out hidden in the picture behind the secret, then essay with the beginning today of the mysterious...

Exploits0
myhack58
myhack58
added 2006/11/14 12:0 a.m.24 views

Use of pictures do Trojan applications completely resolution-vulnerability warning-the black bar safety net

What is a BMP web page Trojan? It and last long with the stink of a MIME header vulnerability of Trojans different,MIME Trojans is to put an EXE file with a MIME-encoded as an EMLOUT LOOK mailthe file,put in on a web page using IE and OE coding vulnerability to automatically download and execute...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/10/15 12:0 a.m.34 views

Re: Secunia Research: Microsoft Windows Object Packager Dialog Spoofing

I knew about this particular flaw for some time . honestly I found it by accident, like I think the the security researcher from secunia did...or maybe it leaked from where I posted it?!?!?!!! :P. This could be a bit more critical if : 1 a '' not a '/' was placed at the end of the command line...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/07/03 12:0 a.m.23 views

CentOS 3 / 4 : gtk2 (CESA-2005:344)

Updated gtk2 packages that fix a double free vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit GTK+, a library for creating graphical user interfaces for the X Window...

7.5CVSS5.3AI score0.03904EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2006/06/01 5:19 p.m.5 views

security flaw

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

5.1CVSS6.1AI score0.07628EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2006/05/31 12:0 a.m.18 views

Mandrake Linux Security Advisory : dia (MDKSA-2006:093)

A format string vulnerability in Dia allows user-complicit attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

7.5CVSS5.5AI score0.07628EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2006/05/19 9:2 p.m.25 views

CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

5.1CVSS6.2AI score0.07628EPSS
Exploits1References2
Rows per page
Query Builder