CVE-2007-6523

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...

SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 2048)

Several security problems have been fixed in ImageMagick : - Several heap buffer overflow were found in the Sun Bitmap decoder of ImageMagick by an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. CVE-2006-3744 - Multiple buffer overflows were fou...

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.120 and earlier...

Opera Web Browser Bitmap文件RLE远程拒绝服务漏洞

Opera是一款开放源代码的WEB浏览器。 Opera处理BMP文件存在问题，远程攻击者可以利用漏洞使浏览器停止响应，造成拒绝服务攻击。 攻击者特殊构建一个包含最大宽度的，并且数据使用00 02 FF FF opcodes填充的BMP文件，并由一个包含多个img标签显示BMP文件的WEB页来诱使用户使用Opera来访问，可导致应用程序停止响应，造成拒绝服务攻击。 Opera Software Opera Web Browser 9.50 beta Opera Software Opera Web Browser 9.24 目前没有解决方案提供： http://www.opera.com/...

Opera 9.50 beta and prior remote DoS (freeze)

Name : Opera 9.50 beta / 9.24 Remote DoS Type : Remote DoS Credits: Gynvael Coldwind of Vexillium & Simey Impact : Low Short description Opera is vulnerable to a remote DoS attack, using spacially crafted BMP files, that causes the browser to freeze for a short amount of time around 4 minutes on...

GIMP multiple image loader integer overflows

Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in 1 DICOM, 2 PNM, 3 PSD, 4 PSP, 5 Sun RAS, 6 XBM, and 7 XWD files...

Gimp image loader multiple input validation flaws

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

DEBIAN-CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

FreeType位图字体处理远程溢出漏洞

BUGTRAQ ID: 24708 FreeType是一个流行的字体函数库。 FreeType的src/base/ftbimap.c文件没有正确地处理位图字体，如果用户受骗打开了特制的字体文件的话，就可能触发缓冲区溢出，导致拒绝服务或执行任意指令。 FreeType FreeType 2.3.3 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://downloads.sourceforge.net/freetype/freetype-2.3.4.tar.gz?modtime=1176187387&bigmirror=0...

Buffer overflow

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

DEBIAN-CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

DEBIAN-CVE-2007-3473

The gdImageCreateXbm function in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash via unspecified vectors involving a gdImageCreate failure...

security flaw

Multiple integer overflows in the 1 createwbmp and 2 readwbmp functions in wbmp.c in the GD library libgd in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap WBMP images with large width or height values...

FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption

// source: https://www.securityfocus.com/bid/23312/info FastStone Image Viewer is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issues allows attackers to crash the affected application...

ACDSee 9.0 Photo Manager - Multiple '.BMP' Denial of Service Vulnerabilities

// source: https://www.securityfocus.com/bid/23317/info ACDSee 9.0 Photo Manager is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issues allows attackers to crash the affected...

Multiple font integer overflows (CVE-2007-1352)

Integer overflow in the bdfReadCharacters function in bdfread.c in 1 X.Org libXfont before 20070403 and 2 freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow...