DEBIAN-CVE-2021-39257

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...

AZL-6762 CVE-2021-39257 affecting package ntfs-3g for versions less than 2021.8.22-1

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...

UBUNTU-CVE-2021-39257

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...

Tuxera NTFS-3G 安全漏洞

Tuxera NTFS-3G is an open source, cross-platform set of drivers from Tuxera Finland for supporting read and write NTFS partitions.A security vulnerability exists in Tuxera NTFS-3G, which stems from the fact that a manual NTFS image with an unallocated bitmap can lead to an endless chain of...

PT-2021-5778 · Ntfs-3G +7 · Ntfs-3G +7

Name of the Vulnerable Software and Affected Versions: NTFS-3G versions prior to 2021.8.22 Description: The issue is related to the ntfs attr pwrite function in the NTFS-3G file system driver, which is affected by uncontrolled recursion. This can be exploited by an attacker using a specially...

OESA-2021-1288 optipng security update

Security Fixes: Off-by-one error in the bmprle4fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer...

(Pwn2Own) Microsoft Windows win32kfull Bitmap Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2021-34333

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in double free of an allocated...

CVE-2021-34318

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCT files. This could result in an out of bounds write past the end of an...

CVE-2021-34308

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an...

CVE-2021-34298

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPLoader.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing BMP files. An attack...

CVE-2021-34297

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds write past the end of an...

Siemens JT2GO 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A buffer over-read vulnerability exists in...

Siemens JT2GO 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A memory corruption vulnerability exists in...

Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. An out-of-bounds read vulnerability exists i...

Siemens Jt2go资源管理错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens AG, Germany. Siemens Jt2go is a JT file viewer. A remote code execution vulnerability exists in Siemens JT2Go versions prior to 13.2 and Teamcenter Visualization versions prior to 13.2, which stems from a failure of t...

PT-2021-20448 · Jt2Go +1 · Jt2Go +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V13.2 Teamcenter Visualization versions prior to V13.2 Description: A vulnerability has been identified in the BMP loader.dll library, which lacks proper validation of user-supplied data when parsing PCX files. This...

Siemens Jt2go 和 Siemens Teamcenter Visualization 资源管理错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of the German company Siemens. Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A remote code execution vulnerability...

The vulnerability of the coders/bmp.c component in the console-based graphic editor ImageMagick, related to integer overflow of values, allows a hacker to cause a service failure.

The vulnerability of the coders/bmp.c component in the console-based graphic editor ImageMagick is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to cause a service failure by using a specially created file...

SELinux 缓冲区错误漏洞

SELinux is a Linux subsystem from the National Security Agency that uses a secure architecture that allows administrators to better control who has access to the system. A security vulnerability exists in SELinux version 3.2, which stems from a heap-based buffer overflow in the CIL compiler in...