877 matches found
Integer overflow
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation...
CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation...
Information disclosure
The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file...
CVE-2007-5348
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite...
PT-2008-2681 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through Server 2008 Description: A heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed...
CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
CVE-2007-4988
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...
Out-of-bounds
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
CVE-2007-4988
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...
CVE-2007-4985
ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers 1 an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or 2 an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong...
CVE-2007-4985
CVE-2007-4985 affects ImageMagick. Multiple connected sources confirm the issue is a denial-of-service risk from crafted images that trigger infinite loops in ReadDCMImage and ReadXCFImage (via ReadBlobByte/ReadBlobMSBLong). The provided documents do not specify a concrete patched version or exac...
CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
JVN#73133641 Eudora Japanese version stops working after the application crashes
Impact Eudora Japanese version stops functioning, once crashed by opening an email message containing a crafted image file. Solution Products Affected Eudora for Windows, earlier than version 6.2J rev 4.2...
zlib DoS
zlib 1.2 and later versions allows remote attackers to cause a denial of service crash via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file...
security flaw
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file...
CVE-2004-1726
Multiple integer overflows in 1 xviris.c, 2 xvpcx.c, and 3 xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow...
CVE-2004-1725
Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image file...