[SECURITY] Fedora 24 Update: python-pillow-3.2.0-3.fc24

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

FreeImage Library XMP Image Handling Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this...

ImageMagick remote execution vulnerability analysis and exploit-vulnerability warning-the black bar safety net

1.1 ImageMagick description 1. ImageMagick description ImageMagick is a set of powerful, stable and open source set of tools and development kits that can be used to read, write and process the more than 8 9 basic format of the picture file, including the popular TIFF, JPEG, GIF, PNG, PDF, and...

DLA-610-1 tiff3 - security update

Bulletin has no description...

CVE-2016-1464

Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375...

SAP CAR Archive Tool Denial Of Service / Security Bypass

Advisory Information Title: SAP CAR Multiple Vulnerabilities Advisory ID: CORE-2016-0006 Advisory URL: http://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities Date published: 2016-08-09 Date of last update: 2016-08-09 Vendors contacted: SAP Release mode: Coordinated release 2...

Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0185 Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability August 6, 2016 CVE Number CVE-2016-5646 Description An exploitable heap overflow vulnerability exists in the Compound Binary File Format CBFF parser functionality of Lexmark Perceptive...

CentOS 6 : libtiff (CESA-2016:1547)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2016:1547 advisory. - Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to...

Memory Corruption Vulnerability in PhotoZoom's Handling of ICO Files

PhotoZoom is a novel and technically revolutionary tool for enlarging digital images. A memory corruption vulnerability exists in the tool's handling of ICO images, which could be exploited by attackers to construct malformed ICO images that could cause the program to crash...

Evolutionary Knowledge Based Fuzzer: Choronzon

Evolutionary Knowledge Based Fuzzer Choronzon is an evolutionary fuzzer. It tries to imitate the evolutionary process in order to keep producing better results. To achieve this, it has an evaluation system to classify which of the fuzzed files are interesting and which should be dropped. Moreover...

Silicon Graphics LibTiff Memory Corruption Vulnerability

Silicon Graphics LibTiff is the United States Silicon Graphics, Inc. of a read and write TIFF Tagged Image File Format file library. A memory corruption vulnerability exists in Silicon Graphics LibTiff, which can be exploited by attackers to obtain sensitive information and cause a denial of...

Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity

Talos Vulnerability Report TALOS-2016-0103 Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity July 19, 2016 CVE Number CVE-2016-3581 Description While parsing a specially crafted TIFF file, a parser confussion can lead to a heap buffer overflow resulting in out of bounds memory...

Silicon Graphics LibTiff 'extractContigSamplesBytes' Function Denial of Service Vulnerability

Silicon Graphics LibTiff is a library for reading and writing TIFF files. A security vulnerability in the 'extractContigSamplesBytes' function of Silicon Graphics LibTiff allows remote attackers to exploit the vulnerability to construct special TIFF images that can be tricked into being parsed by...

Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-04061)

Silicon Graphics LibTiff is a library for reading and writing TIFF Tagged Image File Format files from the U.S. company Silicon Graphics. The library contains a number of command-line tools to deal with TIFF files. A security vulnerability exists in the 'PixarLogCleanup' function in the...

CVE-2016-4434

It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XX...

file: incomplete fix for CVE-2012-1571 in cdf_read_property_info

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

ImageMagick Delegate Arbitrary Command Execution

This module exploits a shell command injection in the way "delegates" commands for converting files are processed in ImageMagick versions 'ImageMagick Delegate Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection in the way "delegates" commands for...

DEBIAN-CVE-2016-0775

Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service crash via a crafted FLI file...

Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-02175)

Silicon Graphics LibTiff is the United States Silicon Graphics, Inc. of a read and write TIFF Tagged Image File Format file library. Silicon Graphics LibTiff 4.0.6 and earlier versions of the TIFFVGetField function in the tifdirinfo.c file has a security vulnerability that can be exploited by an...

[SECURITY] Fedora 22 Update: python-pillow-2.8.2-5.fc22

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...