Lucene search
+L

877 matches found

Prion
Prion
added 2008/10/02 6:18 p.m.17 views

Integer overflow

Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation...

9.3CVSS6.2AI score0.03214EPSS
Exploits0References14Affected Software1
UbuntuCve
UbuntuCve
added 2008/10/02 12:0 a.m.22 views

CVE-2008-3520

Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation...

9.3CVSS7.1AI score0.03214EPSS
Exploits0References3
Prion
Prion
added 2008/09/24 8:37 p.m.19 views

Information disclosure

The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file...

5CVSS5.9AI score0.01662EPSS
Exploits1References35Affected Software2
NVD
NVD
added 2008/09/11 1:1 a.m.22 views

CVE-2007-5348

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite...

9.3CVSS8.2AI score0.52886EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2008/04/08 12:0 a.m.9 views

PT-2008-2681 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through Server 2008 Description: A heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed...

9.3CVSS9.3AI score0.57102EPSS
Exploits1References26
NVD
NVD
added 2007/09/24 10:17 p.m.21 views

CVE-2007-4987

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...

9.3CVSS7.7AI score0.03819EPSS
Exploits2References22
NVD
NVD
added 2007/09/24 10:17 p.m.25 views

CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

7.8CVSS7.8AI score0.03093EPSS
Exploits2References25
Prion
Prion
added 2007/09/24 10:17 p.m.23 views

Out-of-bounds

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...

9.3CVSS7.2AI score0.03819EPSS
Exploits2References22Affected Software1
UbuntuCve
UbuntuCve
added 2007/09/24 10:17 p.m.34 views

CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

7.8CVSS7.7AI score0.03093EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2007/09/24 10:17 p.m.32 views

CVE-2007-4985

ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers 1 an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or 2 an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong...

4.3CVSS7.2AI score0.01814EPSS
Exploits0References2
CVE
CVE
added 2007/09/24 10:0 p.m.91 views

CVE-2007-4985

CVE-2007-4985 affects ImageMagick. Multiple connected sources confirm the issue is a denial-of-service risk from crafted images that trigger infinite loops in ReadDCMImage and ReadXCFImage (via ReadBlobByte/ReadBlobMSBLong). The provided documents do not specify a concrete patched version or exac...

4.3CVSS7.1AI score0.01814EPSS
Exploits0References27Affected Software1
Debian CVE
Debian CVE
added 2007/09/24 10:0 p.m.51 views

CVE-2007-4987

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...

9.3CVSS7AI score0.03819EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/01/17 12:0 a.m.13 views

JVN#73133641 Eudora Japanese version stops working after the application crashes

Impact Eudora Japanese version stops functioning, once crashed by opening an email message containing a crafted image file. Solution Products Affected Eudora for Windows, earlier than version 6.2J rev 4.2...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2005/07/06 2:30 p.m.4 views

zlib DoS

zlib 1.2 and later versions allows remote attackers to cause a denial of service crash via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file...

7.5CVSS7.6AI score0.05476EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2005/03/23 10:7 a.m.7 views

security flaw

Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file...

7.5CVSS6.5AI score0.03422EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/02/26 5:0 a.m.24 views

CVE-2004-1726

Multiple integer overflows in 1 xviris.c, 2 xvpcx.c, and 3 xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow...

7.7AI score0.03809EPSS
Exploits1References3
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-1725

Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file...

7.5CVSS8AI score0.03809EPSS
Exploits1References3
Rows per page
Query Builder