DEBIAN-CVE-2016-9811

The windowsicontypefind function in gst-plugins-base in GStreamer before 1.10.2, when GSLICE is set to always-malloc, allows remote attackers to cause a denial of service out-of-bounds read via a crafted ico file...

Microsoft Windows Icon File Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file or folder. The specific flaw exists within the...

DEBIAN-CVE-2016-6352

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service out-of-bounds write and crash via crafted dimensions in an ICO file...

Memory Corruption Vulnerability in PhotoZoom's Handling of ICO Files

PhotoZoom is a novel and technically revolutionary tool for enlarging digital images. A memory corruption vulnerability exists in the tool's handling of ICO images, which could be exploited by attackers to construct malformed ICO images that could cause the program to crash...

UBUNTU-CVE-2016-6352

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service out-of-bounds write and crash via crafted dimensions in an ICO file...

PhotoFiltre Studio X Handles ICO File Memory Corruption Vulnerability

PhotoFiltre Studio is a powerful and easy to use image editing software. A memory corruption vulnerability exists in PhotoFiltre Studio X's handling of ICO files, which allows attackers to exploit the vulnerability to construct malformed ICO files and cause the application to crash...

IcoFX 2.5.0.0 (.ico) - Buffer Overflow Vulnerability

IcoFX is prone to a client side security vulnerability when processing .ICO files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of IcoFX to open a specially crafted icon file. Version 2.5.0.0 for Windows is...

Firefox < 10.0.7 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 10.0.7 and thus, is potentially affected by the following security issues : - Unspecified memory safety issues exist. CVE-2012-1970 - Multiple use-after-free errors exist. CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976,...

Mozilla Thunderbird 10.0.x < 10.0.7 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - Unspecified memory safety issues exist. CVE-2012-1970 - Multiple use-after-free errors exist. CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956,...

Race condition

The userchangeiconfileauthorizedcb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition...

CVE-2012-2737

The userchangeiconfileauthorizedcb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition...

CVE-2012-2737

AccountsService

DEBIAN-CVE-2011-0727

GNOME Display Manager gdm 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a 1 dmrc or 2 face icon file under /var/cache/gdm/...

gdm: privilege escalation vulnerability

GNOME Display Manager gdm 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a 1 dmrc or 2 face icon file under /var/cache/gdm/...

MS Internet Explorer .ANI files handling Universal Exploit (MS05-002)

No description provided by source. / Added string.h /str0ke / / HOD-ms05002-ani-expl.c: 2005-01-10: PUBLIC v.0.2 Copyright c 2004-2005 houseofdabus. MS05-002 Microsoft Internet Explorer .ANI Files Handling Exploit CAN-2004-1049 .:: houseofdabus ::. universal -- for all affected systems...

DEBIAN-CVE-2007-3126

Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service crash via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237...

PT-2007-3574 · Microsoft · Windows Gdi

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Graphics Device Interface GDI+ affected versions not specified Description: The issue allows context-dependent attackers to cause a denial of service crash via an ICO file with an InfoHeader containing a Height of zero. This...

Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service

Microsoft Windows 98SE - User32.dll Icon Handling Denial of Service source: https://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values...

security flaw

Integer overflow in the ICO image decoder for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted ICO file...