53 matches found
CVE-2025-6199
CVE-2025-6199 affects the GIF LZW decoder in GdkPixbuf (gdk-pixbuf2). When an invalid symbol is decompressed, the output size is set to the full buffer length instead of the number of written bytes, causing uninitialized buffer areas to be emitted and potentially leaking memory contents from GIF ...
GdkPixBuf 信息泄露漏洞
GdkPixBuf is a library that supports loading image files in multiple formats. An information disclosure vulnerability exists in GdkPixBuf that stems from improper handling of invalid symbols by the LZW decoder in the GIF parser, which could lead to a memory content disclosure...
PT-2025-25664
Name of the Vulnerable Software and Affected Versions GdkPixbuf versions prior to 2.42.10+dfsg-1+deb12u2 Description A flaw exists in the GIF parser of the LZW decoder. When an invalid symbol is encountered during decompression, the decoder incorrectly sets the reported output size to the full...
CVE-2020-13572
A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...
SUSE CVE-2004-0693
The GIF parser in the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692...
SUSE CVE-2009-3373
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2021-34305
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Gifloader.dll library in affected applications lacks proper validation of user-supplied data when parsing GIF files. This could result in an out of bounds write past the end of an...
Accusoft ImageGear Heap Overflow Vulnerability
Accusoft ImageGear is a multi-platform, multi-language document imaging developer toolkit. A heap overflow vulnerability exists in the way the GIF parser in Accusoft ImageGear 19.8 decodes LZW compressed streams. An attacker can exploit this vulnerability to execute arbitrary code via specially...
CVE-2020-13572
A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...
Heap overflow
A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...
CVE-2020-13572
CVE-2020-13572 describes a heap overflow in the GIF LZW decoder used by Accusoft ImageGear 19.8. The vulnerability occurs while decoding LZW streams in the GIF parser, where a destination index can overflow the allocated heap buffer, potentially allowing arbitrary code execution when processing s...
CVE-2020-13572
A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...
Accusoft ImageGear GIF LZW decoder heap overflow vulnerability
Summary A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...
CVE-2020-19668
Unverified indexs into the array lead to out of bound access in the gifoutcode function in fromgif.c in libsixel 1.8.6...
Arbitrary Code Execution
openoffice.org is vulnerable to arbitrary code execution. A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. An attacker could create a specially-crafted document, which once opened by a local, unsuspecting user, could cause...
Mavenlink: Uninitialized server memory disclosure via ImageMagick gif parser
A CVE in ImageMagick allowed an attacker to recover random server memory via GIF upload. GIF processing has since been disabled...
The vulnerability of the PHP interpreter allows a remote attacker to cause an application to terminate abnormally.
The vulnerability in the PHP interpreter’s GetCode function, located in the gdgifin.c file of the GD component, allows a malicious actor to cause an unexpected termination of the application by reading memory beyond the buffer using a specially crafted GIF image. This image is incorrectly process...
Adobe Photoshop CC Multiple Vulnerabilities (APSB15-12) (Mac OS X)
The version of Adobe Photoshop installed on the remote Mac OS X host is prior or equal to CC 2014 15.2.2 2014.2.2. It is, therefore, affected by the following vulnerabilities : - An unspecified memory corruption flaw exists due to not properly validating user-supplied input. An attacker can explo...
gd: buffer read overflow in gd_gif_in.c
A buffer over-read flaw was found in the GD library. A specially crafted GIF file could cause an application using the gdImageCreateFromGif function to crash...
Mozilla Firefox <= 3.5.3 and SeaMonkey <= 1.1.17 'libpr0n' GIF Parser Heap Based Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36855/info Mozilla Firefox and SeaMonkey are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code and to cause denial-of-service conditions by tricking a victim...