26 matches found
USN-7662-1 gdk-pixbuf vulnerabilities
It was discovered that GDK-Pixbuf incorrectly handled certain GIF files. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 25.04, Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS. CVE-2025-6199 It was discovered that GDK-Pixbuf...
SUSE CVE-2021-46829
GNOME GdkPixbuf aka GDK-PixBuf before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c compositeframe. This overflow is controllable and could be abused for code execution, especially on 32-bit systems...
CVE-2021-46829
GNOME GdkPixbuf aka GDK-PixBuf before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c compositeframe. This overflow is controllable and could be abused for code execution, especially on 32-bit systems...
gifsicle 代码问题漏洞
Gifsicle is Gifsicle handles GIF image files. A security vulnerability exists in gifsicle version 1.92, which stems from a null pointer dereference contained in the findcolororerror function in the software...
USN-4003-1 qtbase-opensource-src vulnerabilities
It was discovered that Qt incorrectly handled certain XML documents. A remote attacker could use this issue with a specially crafted XML document to cause Qt to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2018-15518 It was discovered that Qt incorrectly handle...
Memory Corruption Vulnerability in Photo Lab's Processing of GIF Images
Photo Lab is a foreign photo viewing tool. Photo Lab suffers from a memory corruption vulnerability in the handling of GIF images, which can be exploited by an attacker to cause the program to crash and execute arbitrary code by constructing a malformed GIF image...
UBUNTU-CVE-2018-19870
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault...
USN-3755-1 libgd2 vulnerabilities
It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. CVE-2018-1000222 It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-571...
Memory Corruption Vulnerability in PhotoLine's Handling of GIF Images
PhotoLine is a professional image editing software from Germany. The software suffers from a memory corruption vulnerability when dealing with the GIF format, which can be exploited by an attacker to construct malformed BMP files that can crash the program and cause a denial of service condition...
Autodesk Design Review GIF DataSubBlock Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of GIF files due to a failure to ensure that the size of the DataSubBlock is valid. An attacker could exploit this vulnerability to execute arbitrary code in the context of the...
UBUNTU-CVE-2015-1860
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a crafted GIF image...
Unspecified Denial of Service Vulnerability in Foxit Reader/Enterprise Reader and PhantomPDF GIF Handling
Foxit Reader, Enterprise Reader and PhantomPDF are PDF file processing programs. A security vulnerability in the handling of GIF files in Foxit Reader, Enterprise Reader and PhantomPDF versions prior to 7.1.5 allows remote attackers to exploit the vulnerability to construct malicious files that c...
[slackware-security] qt
New qt packages are available for Slackware 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/qt-4.8.6-i486-1slack14.1.txz: Upgraded. Fixed issues with BMP, ICO, and GIF handling that could lead to a denial of service or the...
DEBIAN-CVE-2014-9709
The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function...
Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22899/info Firefox is prone to a remote denial-of-service vulnerability. An attacker may exploit this vulnerability to cause the application to crash, resulting in denial-of-service conditions. Little is known regarding...
ImageMagick GIF Comment Processing Off-by-one Buffer Overflow (CVE-2013-4298)
An off-by-one vulnerability has been reported in ImageMagick's GIF handling library...
RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a user must open a malicious file or visit a malicious web site. The specific flaw exists during the parsing of GIF files with forged chunk sizes...
ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability
ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-006 January 21, 2010 -- CVE ID: CVE-2009-4242 -- Affected Vendors: RealNetworks -- Affected Products: RealNetworks RealPlayer -- TippingPointTM IPS Customer...
openSUSE Security Update : optipng (optipng-972)
OptiPNG contained a bug in the GIF handling code that allowed to use already freed ressources. CVE-2009-0749 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : optipng (optipng-972)
OptiPNG contained a bug in the GIF handling code that allowed to use already freed ressources. CVE-2009-0749 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...