201 matches found
Integer Overflow
autotrace is vulnerable integer overflows. A biWidthbiBitCnt integer overflow in input-bmp.c allows attackers to provide an unexpected input value to malloc via a malformed bitmap image resulting in a system hang...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
autotrace: integer overflow in input-bmp.c
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
DEBIAN-CVE-2021-40985
A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
CVE-2019-19004
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
ONLYOFFICE Document Server 缓冲区错误漏洞
ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A buffer overflow vulnerability exists in the BMP image processing of the ONLYOFFICE Document Server core module, which can be exploited by an attacke...
CVE-2019-19004
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
CVE-2019-19004
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
CVE-2019-19005
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
CVE-2019-19004
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
Integer overflow
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
Double free
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
CVE-2019-19005
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
CVE-2019-19005
CVE-2019-19005 affects autotrace 0.31.1 (bitmap processing). The vulnerability is described as a bitmap double free in main.c, potentially leading to unspecified impact after a prior use-after-free in CVE-2017-9182. The connected Nessus entries corroborate that autotrace 0.31.1 is vulnerable and ...
CVE-2019-19004
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
CVE-2019-19004
CVE-2019-19004 affects autotrace 0.31.1: an integer overflow (biWidth*biBitCnt) in input-bmp.c can cause a malformed value to be passed to malloc via a BMP image. The vulnerability is part of multiple autotrace issues (also cited as CVE-2019-19005 and CVE-2022-32323 in related advisories). Impact...
CVE-2021-21460
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
CVE-2021-21461
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...