UBUNTU-CVE-2016-8700

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...

DEBIAN-CVE-2016-8698

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...

CVE-2016-8699

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703...

UBUNTU-CVE-2016-8696

The bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695...

UBUNTU-CVE-2016-8703

Heap-based buffer overflow in the bmreadbodybmp function in bitmapio.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702...

CVE-2016-8699

CVE-2016-8699 is a heap-based buffer overflow in the bm_readbody_bmp function of bitmap_io.c in Potrace, affecting versions before 1.13. The issue can be exploited by processing a crafted BMP image, with impact described as unspecified in the original entry. Connected sources reference CVE-2016-8...

[SECURITY] Fedora 25 Update: ghostscript-9.20-6.fc25

Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...

DEBIAN-CVE-2017-5563

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tiflzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff...

DEBIAN-CVE-2016-5319

Heap-based buffer overflow in tifpackbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file...

UBUNTU-CVE-2016-5319

Heap-based buffer overflow in tifpackbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file...

Design/Logic Flaw

Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2016-5209

Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2016-5209

Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2016-5209

Removed by vendor...

CVE-2016-5209

The CVE-2016-5209 issue affects Blink in Google Chrome on desktop (Mac/Windows/Linux) and Android where a bad casting in bitmap manipulation could trigger a heap-write/heap-corruption through a crafted HTML page. Root cause: an out-of-bounds write in Blink/WebKit as described for this CVE. Impact...

DEBIAN-CVE-2016-6823

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service crash via crafted height and width values, which triggers an out-of-bounds write...

Microsoft Windows 8.1 (x64) RGNOBJ Integer Overflow

include include include include include include include HANDLE hWorker, hManager; BYTE bits; //dt nt!EPROCESS UniqueProcessID ActiveProcessLinks Token typedef struct DWORD UniqueProcessIdOffset; DWORD TokenOffset; VersionSpecificConfig; VersionSpecificConfig gConfig = 0x2e0, 0x348 ; //win 8.1 voi...

MS15-072: Vulnerability in Windows graphics component could allow elevation of privilege: July 14, 2015

MS15-072: Vulnerability in Windows graphics component could allow elevation of privilege: July 14, 2015 Summary This security update resolves a vulnerability in Windows that could allow elevation of privilege if the Windows graphics component fails to correctly process bitmap conversions. An...

ghostscript security update

CentOS Errata and Security Advisory CESA-2017:0013 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Moderate: Red Hat Security Advisory: ghostscript security update

An update for ghostscript is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...