18 matches found
Astra Linux - уязвимость в imagemagick
ImageMagick is a open-source software suite for displaying, converting, and editing raster image files. In versions of ImageMagick prior to 7.1.2-7 and 6.9.13-32, there is an integer overflow vulnerability in the BMP decoder on 32-bit systems. The vulnerability occurs in the coders/bmp.c file,...
TencentOS Server 2: ImageMagick (TSSA-2025:1011)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:1011 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Mozilla Firefox < 52.0.1
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability...
CVE-2025-62171 ImageMagick vulnerable to denial of service via integer overflow in BMP decoder on 32-bit systems
ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...
Linux Distros Unpatched Vulnerability : CVE-2019-14289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the multiple bytes per line cas...
SUSE CVE-2004-0904
Integer overflow in the bitmap BMP decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows...
SUSE CVE-2017-2905
An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...
SUSE CVE-2019-14289
An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the "multiple bytes per line" case...
SUSE CVE-2019-19004
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
autotrace: integer overflow in input-bmp.c
A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
DEBIAN-CVE-2019-13568
CImg through 2.6.7 has a heap-based buffer overflow in loadbmp in CImg.h because of erroneous memory allocation for a malformed BMP image...
CVE-2017-9169
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:355:25...
DEBIAN-CVE-2016-8703
Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702...
potrace heap buffer overflow vulnerability (CNVD-2016-10134)
potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. A buffer overflow vulnerability exists in potrace bitmapio.c:744:4. An attacker could use this vulnerability to...
USN-3085-1 gdk-pixbuf vulnerabilities
It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash,...
Autodesk Design Review BMP biClrUsed Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. Autodesk Design Review suffers from a security vulnerability in the handling of BMP files due to an integer overflow test failure when multiplying the biClrUsed value by four. An attacker could exploit this vulnerability to execute arbitrary cod...
freetype: FT_Bitmap_New integer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted font, a different vulnerability than CVE-2011-0226...
DEBIAN-CVE-2004-0802
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817...