40 matches found
USN-4316-1: GD Graphics Library vulnerabilities
It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. CVE-2018-14553 It was discovered that GD Graphics Library incorrectly handled loading images from X...
ImageMagick: infinite loop in coders/bmp.c
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...
UBUNTU-CVE-2019-7398
In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c...
Socusoft Photo To Video Converter Handles BMP with Memory Corruption Vulnerability
Socusoft Photo To Video Converter is a free slideshow maker that converts a bunch of photos into one video file. Socusoft Photo To Video Converter handles BMP with a memory corruption vulnerability that can be exploited by attackers to cause the program to crash by constructing malformed BMP imag...
UBUNTU-CVE-2018-12599
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file...
Memory Corruption Vulnerability in 2345 Viewer V9.0
2345 Viewer is one of the fastest and most format-compatible high-definition image viewing software. A memory corruption vulnerability exists in 2345 Viewer V9.0 when parsing the BMP file format, which allows an attacker to construct a malicious BMP image file to trigger a memory corruption,...
Memory Corruption Vulnerability in Eggplant Beauty Photo Processing BMP Format Files
Eggflower Beauty Photo is a photo manipulation program. A memory corruption vulnerability exists in Eggflower Beauty Photo's handling of BMP format files. This allows attackers to cause the program to crash by constructing malformed BMP images...
Memory Corruption Vulnerability in BMP Image Processing by Universal Viewer
Universal Picture Viewer is an image viewing tool. Universal Picture Viewer has a memory corruption vulnerability when dealing with BMP format images, which allows an attacker to construct a malformed BMP format that can cause the program to crash, and if successfully exploited, can lead to...
DEBIAN-CVE-2016-2191
The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image...
Picture Window Pro Handles BMP Images Multiple Memory Corruption Vulnerabilities
Picture Window Pro is an image processing software. Multiple memory corruption vulnerabilities exist in the tool's handling of the BMP format, which can be exploited by attackers to construct malformed BMP images and crash the program. Successful exploitation could lead to arbitrary code executio...
Updated gdk-pixbuf2.0 package fixes security vulnerability
Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf. This issue is triggered by the scaling of a malformed bitmap format image and results in a potentially exploitable crash CVE-2015-4491...
Mandriva Linux Security Advisory : firefox (MDVSA-2012:145)
Security issues were identified and fixed in mozilla firefox : Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we...
Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2012:147)
Security issues were identified and fixed in mozilla thunderbird : Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we...
Mandriva Update for firefox MDVSA-2012:145 (firefox)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for mozilla-thunderbird MDVSA-2012:147 (mozilla-thunderbird)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Memory corruption with bitmap format images with negative height — Mozilla
Security researcher Frédéric Hoguin reported two related issues with the decoding of bitmap .BMP format images embedded in icon .ICO format files. When processing a negative "height" header value for the bitmap image, a memory corruption can be induced, allowing an attacker to write random memory...
Opera 9.50 beta and prior remote DoS (freeze)
Name : Opera 9.50 beta / 9.24 Remote DoS Type : Remote DoS Credits: Gynvael Coldwind of Vexillium & Simey Impact : Low Short description Opera is vulnerable to a remote DoS attack, using spacially crafted BMP files, that causes the browser to freeze for a short amount of time around 4 minutes on...
Gimp image loader multiple input validation flaws
The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...
DEBIAN-CVE-2007-3473
The gdImageCreateXbm function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors involving a gdImageCreate failure...
security flaw
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via malformed 1 AVI, 2 BMP, or 3 DIB files...