PT-2018-11598 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.15 is not specified, however, the issue is in versions through 4.14. Description: An issue in the Linux kernel can cause a denial of service due to out-of-bounds memory access and BUG when mounting a crafte...

PhotoArtist 2 Handles BMP with Denial of Service Vulnerability

PhotoArtist 2 is a photo manipulation tool. PhotoArtist 2 suffers from a denial of service vulnerability when processing BMP format, which can be exploited to cause a program crash by constructing a malformed BMP image that can be successfully exploited to cause arbitrary code execution...

EximiousSoft GIF Creator v7.31 Memory Corruption Vulnerability in Processing BMP Images

EximiousSoft GIF Creator is an animated GIF creator. EximiousSoft GIF Creator suffers from a memory corruption vulnerability when handling the BMP format. An attacker can cause the program to crash by constructing a malformed BMP image...

EximiousSoft Banner Maker v5.45 Handles BMP with Memory Corruption Vulnerability

EximiousSoft Banner Maker is an image manipulation tool. EximiousSoft Banner Maker suffers from a memory corruption vulnerability when processing the BMP format. An attacker can cause the program to crash by constructing a malformed BMP image, which if successfully exploited can lead to arbitrary...

flash-plugin: multiple code execution issues fixed in APSB17-33

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized...

CVE-2017-11213

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized...

libreoffice/pngfuzzer: Container-overflow in BitmapColor::GetBlue

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5533260961546240 Project: libreoffice Fuzzer: libFuzzerlibreofficepngfuzzer Fuzz target binary: pngfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type: Container-overflow...

Exploit for CVE-2016-3309

Kernel Exploitation Case Study - "Wild" Pool Overflow on Win1...

Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Lazy async SVG rasterisation

Phwoar I love a good sciency-sounding title. SVG can be slow When transforming an SVG image, browsers try to render on every frame to keep the image as sharp as possible. Unfortunately SVG rendering can be slow, especially for non-trivial images. Here's a demo, press "Scale SVG". Devtools timelin...

ImageMagick coders/xbm.c file denial of service vulnerability

ImageMagick is a set of open source image processing software. The software can read, convert and write images in a variety of formats. A security vulnerability exists in the coders/xbm.c file in ImageMagick, which originates from the program's failure to detect EOF End of File. A remote attacker...

UBUNTU-CVE-2017-12693

The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service memory consumption via a crafted BMP file...

OpenJPEG integer overflow vulnerability (CNVD-2017-243227)

OpenJPEG is a C-based open source JPEG 2000 codec . An integer overflow vulnerability exists in the 'bmp24toimage' function of the convertbmp.c file in versions of OpenJPEG prior to 2.2.0. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer out-of-bounds read...

DEBIAN-CVE-2016-10507

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted bmp file...

DEBIAN-CVE-2016-10504

Heap-based buffer overflow vulnerability in the opjmqcbyteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service application crash via a crafted bmp file...

CVE-2017-13673

An assert failure issue was found in the VGA display emulator built into the Quick emulator QEMU. It could occur while updating graphics display, due to miscalculating region for dirty bitmap snapshot in split screen mode. A privileged user/process inside guest could use this flaw to crash the QE...

OpenJPEG Heap Overflow Vulnerability

OpenJPEG is a C-based open source JPEG 2000 codec . A heap overflow vulnerability exists in the opjcompress component of OpenJPEG, which could be exploited by a remote attacker to conduct a denial of service attack or remotely execute arbitrary code by constructing a specially crafted BMP image...

CVE-2017-13673

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service assertion failure in the cpuphysicalmemorysnapshotgetdirty function...

DEBIAN-CVE-2017-13673

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service assertion failure in the cpuphysicalmemorysnapshotgetdirty function...

CVE-2017-13673

The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service assertion failure in the cpuphysicalmemorysnapshotgetdirty function...