202 matches found
CVE-2017-11213
An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized...
Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
ImageMagick coders/xbm.c file denial of service vulnerability
ImageMagick is a set of open source image processing software. The software can read, convert and write images in a variety of formats. A security vulnerability exists in the coders/xbm.c file in ImageMagick, which originates from the program's failure to detect EOF End of File. A remote attacker...
UBUNTU-CVE-2017-12693
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service memory consumption via a crafted BMP file...
DEBIAN-CVE-2016-10504
Heap-based buffer overflow vulnerability in the opjmqcbyteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service application crash via a crafted bmp file...
OpenJPEG Heap Overflow Vulnerability
OpenJPEG is a C-based open source JPEG 2000 codec . A heap overflow vulnerability exists in the opjcompress component of OpenJPEG, which could be exploited by a remote attacker to conduct a denial of service attack or remotely execute arbitrary code by constructing a specially crafted BMP image...
Memory Corruption Vulnerability in Light Developer's Handling of BMP Formats
Stepok Light Developer is a professional photo post-processing tool with features that cover most of the needs of photography enthusiasts. Light Developer handles BMP format memory corruption vulnerability, attackers can use the vulnerability to construct deformed BMP files can lead to program...
jasper: missing SIZ marker segment XRsiz and YRsiz fields range check
The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...
jasper: missing jas_matrix_create() parameter checks
The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image...
Potrace Buffer Overflow Vulnerability
Potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool provides the ability to add smoothing effects, free scaling of images and other features. A buffer overflow vulnerability exists in the 'bmreadbodybmp' function in the bitmapio.c file in...
UBUNTU-CVE-2017-7263
The bmreadbodybmp function in bitmapio.c in Potrace 1.14 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for...
FastStone MaxView Denial of Service Vulnerability
FastStone MaxView is an image viewer. A denial of service vulnerability exists in FastStone MaxView versions 3.0 and 3.1. An attacker can exploit the vulnerability to cause a denial of service application crash via a misformatted BMP image with a crafted biSize field in the BITMAPINFOHEADER secti...
CVE-2017-6078
FastStone MaxView 3.0 and 3.1 allows user-assisted attackers to cause a denial of service application crash via a malformed BMP image with a crafted biSize field in the BITMAPINFOHEADER section...
UBUNTU-CVE-2016-7392
Heap-based buffer overflow in the pstoeditsuffixtableinit function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service out-of-bounds write via a crafted bmp image file...
UBUNTU-CVE-2016-8691
The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted XRsiz value in a BMP image to the imginfo command...
UBUNTU-CVE-2016-8692
The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...
UBUNTU-CVE-2016-8693
Double free vulnerability in the memclose function in jasstream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted BMP image to the imginfo command...
Heap overflow
Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...
Heap overflow
Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703...
UBUNTU-CVE-2016-8698
Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...