87 matches found
JasPer Null Pointer Backreference Vulnerability
JasPer is an open source implementation of the JPEG-2000 codec developed by Canadian software developer Michael Adams. JasPer bmpdec.c:394:5 contains a null pointer back-reference vulnerability that can be exploited by an attacker to crash an application and deny service to a legitimate user...
CVE-2015-0295
The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
CVE-2015-0295
The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
Denial of service
The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
CVE-2015-0295
The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
CVE-2015-0295
CVE-2015-0295 affects the BMP decoding path in QtGui (Qt before 5.5). The BMP decoder fails to correctly calculate color masks, enabling a crafted BMP file to trigger a divide-by-zero and crash (remote denial of service). Connected sources (e.g., Qt/QtBase advisories and multiple Nessus entries) ...
CVE-2015-0295
The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
CVE-2015-0295
The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
MGASA-2015-0105 Updated qt3, qt4 and qtbase5 packages fix security vulnerability
The builtin BMP decoder in QtGui prior to Qt 5.5 contained a bug that would lead to a division by zero when loading certain corrupt BMP files (CVE-2015-0295). This in turn would cause the application loading these hand-crafted BMPs to crash. Qt3, Qt4 and qtbase5 have been patched to prevent this...
Updated qt3, qt4 and qtbase5 packages fix security vulnerability
The builtin BMP decoder in QtGui prior to Qt 5.5 contained a bug that would lead to a division by zero when loading certain corrupt BMP files (CVE-2015-0295). This in turn would cause the application loading these hand-crafted BMPs to crash. Qt3, Qt4 and qtbase5 have been patched to prevent this...
Ubuntu 6.06 LTS / 6.10 / 7.04 : mozilla-thunderbird (USN-582-2)
USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem. We apologize for the inconvenience. It was discovered that Thunderbird did not properly set...
FreeBSD : imlib -- BMP decoder heap buffer overflow (00644f03-fb58-11d8-9837-000c41e2cdad)
Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution. (C) Tenable Network Security, Inc. The...
Ubuntu: Security Advisory (USN-582-1)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
USN-582-2: Thunderbird regression
USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that...
Mozilla Foundation Security Advisory 2008-07
Mozilla Foundation Security Advisory 2008-07. Title: Possible information disclosure in BMP decoder; Impact: Moderate; Announced: February 19, 2008; Reporter: Gynvael Coldwind // Vexillium; Products: Firefox, Thunderbird, SeaMonkey; Fixed in: Firefox 2.0.0.12, Thunderbird 2.0.0.12, SeaMonkey 1.1.8...
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-576-1)
Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2008-0412, CVE-2008-0413) Flaws were discovered in the file upload form control. A malicious website...
USN-576-1: Firefox vulnerabilities
Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2008-0412, CVE-2008-0413) Flaws were discovered in the file upload form control. A malicious website...
FreeBSD : mozilla -- BMP decoder vulnerabilities (ab9c559e-115a-11d9-bc4a-000c41e2cdad)
Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database...
CVE-2004-0904
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows...
mozilla -- BMP decoder vulnerabilities
Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution...