180 matches found
CVE-2012-0025
Double free vulnerability in the FreeAllMemory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service crash via a crafted FPX image...
Double free
Double free vulnerability in the FreeAllMemory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service crash via a crafted FPX image...
CVE-2012-0025
Double free vulnerability in the FreeAllMemory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service crash via a crafted FPX image...
Oracle Outside In FlashPix Image Processing Heap Buffer Overflow (CVE-2012-1744)
A remote code execution vulnerability has been reported in Oracle Outside-In...
IrfanView FlashPix Plugin Heap Based Buffer Overflow
The version of the IrfanView FlashPix plugin Fpx.dll was found to be less than 4.34. Such versions are affected by a heap-based buffer overflow vulnerability that can be triggered by tricking users into opening an .fpx file with a specially crafted FlashPix image that is not properly handled duri...
XnView < 1.99.0 Multiple Buffer Overflow Vulnerabilities
The version of XnView installed on the remote Windows host is earlier than 1.99.0. It therefore is reportedly affected by the following heap-based buffer overflow vulnerabilities : - An integer truncation issue exists related to the handling of the depth value in 'Sun Raster' RAS image files. - A...
XnView - .FlashPix Image Processing Heap Overflow
XnView - .FlashPix Image Processing Heap Overflow Application: XnView FlashPix Image Processing Heap Overflow Platforms: Windows Secunia: SA49091 PRL: 2012-12 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Repo...
CVE-2012-0278
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression...
Heap overflow
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression...
CVE-2012-0278
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression...
CVE-2012-0278
CVE-2012-0278 concerns the IrfanView FlashPix PlugIn (Fpx.dll). The Nessus plugin indicates that versions of the FlashPix plugin prior to 4.34 are affected by a heap-based buffer overflow triggered by processing a crafted .fpx image during decompression. Successful exploitation could allow arbitr...
IrfanView FlashPix PlugIn - Decompression Heap Overflow
IrfanView FlashPix PlugIn - Decompression Heap Overflow Application: IrfanView FlashPix PlugIn Decompression Heap Overflow Platforms: Windows Secunia Number: SA48772 PRL: 2012-08 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1...
IrfanView FlashPix PlugIn - Decompression Heap Overflow
Application: IrfanView FlashPix PlugIn Decompression Heap Overflow Platforms: Windows Secunia Number: SA48772 PRL: 2012-08 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Timeline 3 Technical details 4 PoC...
XnView Multiple Buffer Overflow Vulnerabilities (Mar 2012) - Windows
XnView is prone to multiple heap-based buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
XnView Multiple Buffer Overflow Vulnerabilities - Mar12 (Windows)
This host has XnView installed and is prone to multiple heap based buffer overflow vulnerabilities. Vulnerabilities Insight: The flaws are due to - A signedness error in the FlashPix plugin Xfpx.dll when validating buffer sizes to process image's content. - An error when processing image data...
XnView FlashPix Image Processing - Heap Overflow
XnView FlashPix Image Processing - Heap Overflow Application: XnView FlashPix Image Processing Heap Overflow Platforms: Windows Secunia: SA47388 PRL: 2012-06 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Repor...
IrfanView FlashPix PlugIn - Double-Free
IrfanView FlashPix PlugIn - Double-Free Application: IrfanView FlashPix PlugIn Double-Free Vulnerability Platforms: Windows Exploitation: Remote code execution Secunia Number: SA47322 PRL: 2011-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...
IrfanView FlashPix PlugIn - Double-Free
Application: IrfanView FlashPix PlugIn Double-Free Vulnerability Platforms: Windows Exploitation: Remote code execution Secunia Number: SA47322 PRL: 2011-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Timeli...
APPLE-SA-2011-10-26-1 QuickTime 7.7.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-26-1 QuickTime 7.7.1 QuickTime 7.7.1 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application...
Apple Mac OS X FlashPix文件缓冲区溢出漏洞
BUGTRAQ ID: 50100 CVE ID: CVE-2011-3222 QuickTime是由苹果电脑所开发的一种多媒体架构,能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式,以及交互式全景影像的数项类型。 Apple QuickTime在处理特制FlashPix文件时存在缓冲区溢出漏洞,攻击者可利用此漏洞以当前用户权限执行任意代码,应用程序意外终止。 Apple QuickTime Player 7.x 厂商补丁: Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.apple.com/...