Microsoft Windows Kernel Bitmap Handling CVE-2015-1722 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and corrupt kernel memory. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for...

USN-2626-1 qt4-x11, qtbase-opensource-src vulnerabilities

Wolfgang Schenk discovered that Qt incorrectly handled certain malformed GIF images. If a user or automated system were tricked into opening a specially crafted GIF image, a remote attacker could use this issue to cause Qt to crash, resulting in a denial of service. This issue only applied to...

IBM Domino Stack Buffer Overflow Vulnerability (CNVD-2015-03371)

IBM Domino is the U.S. IBM's set of e-mail, document database, rapid application development technology and Web technology as one of the e-mail and clustering platform. A stack buffer overflow vulnerability in IBM Domino 8.5 FP6 IF7 before 8.5.3 and 9.0 FP3 IF3 before 9.0.1 allows remote attacker...

UBUNTU-CVE-2015-1858

Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service segmentation fault and crash and possibly execute arbitrary code via a crafted BMP image...

SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 10487)

LibXFont was updated to fix security problems that could be used by local attackers to gain X server privileges root. The following security issues have been fixed : - The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries...

USN-2553-1 tiff vulnerabilities

William Robinet discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user...

Potrace Integer Overflow Vulnerability

potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. An integer overflow vulnerability exists in potrace version 1.11. A remote attacker can exploit this...

UBUNTU-CVE-2013-7437

Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow...

CVE-2013-7437

Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow...

DEBIAN-CVE-2013-7437

Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow...

DEBIAN-CVE-2015-0295

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...

MGASA-2015-0113 Updated libxfont package fixes security vulnerabilities

The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures...

X.Org libXfont bitmap/bdfread.c Null Pointer Reference Denial of Service Vulnerability

X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation and is open source free software. libXfont is an X font handling library for servers and utilities. A security vulnerability in the 'bdfReadCharacters' function in the bitmap/bdfread.c file in...

DEBIAN-CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...

UBUNTU-CVE-2015-1802

The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly execute arbitrary code via a 1 negative or 2 large property count in a BDF font file...

IcoFx Handles BMP File Memory Corruption Vulnerability

IcoFX is a free icon design editing tool. IcoFX software suffers from a memory corruption vulnerability in the processing logic of BMP images, which allows attackers to exploit the vulnerability to parse malformed images and cause the program to crash and exit...

Memory Corruption Vulnerability in pmview Pro's Processing of BMP Images

PMView Pro is a super-fast viewing software that also supports multiple graphic formats for graphic viewing, editing, and conversion software, supporting filters, printing, automatic thumbnail generation, as well as screen copy, graphic scanning, SlideShow creation, and support for rotating the...

Memory Corruption Vulnerability in Ashampoo Photo Commander's BMP Image Processing

Ashampoo Photo Commander Free is a photo management software from Germany. A memory corruption vulnerability exists in Ashampoo Photo Commander's handling of BMP images, allowing attackers to exploit the vulnerability to parse malformed programs and cause the application to crash...

FreeType 'tt_sbit_decoder_init' Function Denial of Service Vulnerability

FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType...

FreeType '_bdf_parse_glyphs' function denial of service vulnerability

FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType 'bdfparseglyph...