Binary Vulnerability in Windshade Viewer FyPicViewer.exe Handling TIFs

Wind Shadow Picture Viewer is a computer client picture viewing software, small and lightweight, simple interface, comprehensive features, compatible with hundreds of image formats, including commonly used JPG, BMP, PNG and other conventional image formats and PDS and other professional image...

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

Cisco Webex Network Recording Player and Webex Player for Microsoft Windows Buffer Overflow Vulnerability

Cisco Webex Network Recording Player is a player for playing video conference recordings from Cisco USA. A buffer overflow vulnerability exists in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows, which stems from the program's failure to...

Moderate: Red Hat Security Advisory: libmspack security update

An update for libmspack is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2019-0327

SAP NetWeaver for Java Application Server - Web Container, engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5, servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5, allows an attacker to upload files including script files without proper file format validation...

UBUNTU-CVE-2019-12213

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion...

UBUNTU-CVE-2019-12212

When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file...

UBUNTU-CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow...

Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow

Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow Huawei eSpace Meeting Image File Format Handling Buffer Overflow Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop,...

Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow

Huawei eSpace Meeting Image File Format Handling Buffer Overflow Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC Summary: Create more convenient Enhanced...

Fedora Update for zchunk FEDORA-2018-7d138cfd7b

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How To Do Firmware Analysis. Tools, Tips, and Tricks

So, you’ve got a firmware dump. Perhaps a raw read off a chip? An update file you downloaded off the internet? Now what? Taking a firmware dump and turning it into something useful can sometimes be painful. Sometimes you’ll be faced with proprietary barely documented file formats, strange raw dat...

CVE-2019-11687

An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b and continuing in current implementations. The 128-byte preamble of a DICOM file that complies with this specification can contain arbitrary executable headers for multiple operating systems,...

CVE-2019-11687

An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b and continuing in current implementations. The 128-byte preamble of a DICOM file that complies with this specification can contain arbitrary executable headers for multiple operating systems,...

CVE-2019-11687

CVE-2019-11687 concerns the DICOM Part 10 File Format (NEMA DICOM Standard 1995–2019b and current). The 128-byte preamble can contain arbitrary executable headers (including PE/ELF), enabling polyglot/malicious DICOM files (e.g., dual‑purpose TIFF/DICOM) to be used as attack surface. Exploitation...

Denial Of Service (DoS) And Remote Code Execution (RCE)

GStreamer is vulnerable to denial of service DoS and remote code execution RCE attacks. GStreamer's FLC/FLI/FLX media file format decoding plug-in is the flawed component. A remote attacker could crash or, potentially, execute arbitrary code with the privileges of the user running the application...

Denial Of Service (DoS)

The libexif packages provide an Exchangeable image file format Exif library. Exif allows metadata to be added to and read from certain types of image files. Multiple flaws were found in the way libexif processed Exif tags. An attacker could create a specially-crafted image file that, when opened ...

CARBANAK Week Part Four: The CARBANAK Desktop Video Player

Part One, Part Two and Part Three of CARBANAK Week are behind us. In this final blog post, we dive into one of the more interesting tools that is part of the CARBANAK toolset. The CARBANAK authors wrote their own video player and we happened to come across an interesting video capture from CARBAN...

DEBIAN-CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

Foxit Studio Photo Information Disclosure Vulnerability

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A security vulnerability exists in the handling of TIF files in Foxit Studio Photo 3.6.6.779 and prior versions, which is caused by the program failing to properly validate user-submitted data. An attacker...