chromium-browser: heap overflow in blink

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

CVE-2016-5182

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

UBUNTU-CVE-2016-5182

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

CVE-2016-5182

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...

UBUNTU-CVE-2016-3620

The ZIPEncode function in tifzip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

DEBIAN-CVE-2016-3619

The DumpModeEncode function in tifdumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

UBUNTU-CVE-2016-3619

The DumpModeEncode function in tifdumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

UBUNTU-CVE-2016-3621

The LZWEncode function in tiflzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

MariaDB 10.1.x < 10.1.7 Multiple Vulnerabilities

The version of MariaDB running on the remote host is 10.1.x prior to 10.1.7. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the baselistiterator::nextfast function within file sql/sqlparse.cc when handling multi-table updates. An...

PT-2017-9179 · Autotrace +1 · Autotrace +1

Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is related to a heap-based buffer overflow in the pstoedit suffix table init function, which can be triggered by a crafted bmp image file. This can cause a denial of service due to an...

DEBIAN-CVE-2016-5278

Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image...

USN-3085-1 gdk-pixbuf vulnerabilities

It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash,...

Debian DLA-621-1 : autotrace security update

Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array. For Debian 7 'Wheezy', this problem have been fixed in version 0.31.1-16+deb7u1...

DLA-621-1 autotrace - security update

Bulletin has no description...

UBUNTU-CVE-2016-6823

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service crash via crafted height and width values, which triggers an out-of-bounds write...

Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=826 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, which may embed bitmaps in records such as EMRPLGBLT...

Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)

Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads MS16-097 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=826 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, whi...

Apple OS X QuickTime memory corruption vulnerability (CNVD-2016-05736)

Apple OS X is a proprietary operating system developed by Apple for Mac computers, with QuickTime as one of the multimedia playback components. A memory corruption vulnerability exists in QuickTime in Apple OS X versions prior to 10.11.6. A remote attacker could exploit this vulnerability to...

Apple OS X QuickTime memory corruption vulnerability (CNVD-2016-05731)

Apple OS X is a specialized operating system developed by Apple for Mac computers, with QuickTime as one of the multimedia playback components. A memory corruption vulnerability exists in QuickTime in Apple OS X versions prior to 10.11.6. A remote attacker could exploit this vulnerability to...

Apple OS X QuickTime memory corruption vulnerability (CNVD-2016-05733)

Apple OS X is a proprietary operating system developed by Apple for Mac computers, with QuickTime as one of the multimedia playback components. A memory corruption vulnerability exists in QuickTime in Apple OS X versions prior to 10.11.6. A remote attacker could exploit this vulnerability to...