
119 matches found

CNNVD
added 2023/03/29 12:0 a.m. · 2 views

PDF-XChange Editor Buffer Error Vulnerability

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. A buffer error vulnerability exists in PDF-XChange Editor that stems from a buffer overflow problem in the parsing of ICO files...

CVSS 7.8 · AI score 7.6 · EPSS 0.00621
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 6:20 a.m. · 2 views

SUSE CVE-2004-0788

Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file...

CVSS 5 · AI score 7 · EPSS 0.13522
Exploits: 0 · References: 5

SUSE CVE
added 2023/02/15 6:11 a.m. · 2 views

SUSE CVE-2007-3126

Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237...

CVSS 5 · AI score 6.8 · EPSS 0.00856
Exploits: 4 · References: 4

SUSE CVE
added 2023/02/15 4:59 a.m. · 2 views

SUSE CVE-2016-6352

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file...

CVSS 7.5 · AI score 7.5 · EPSS 0.01773
Exploits: 1 · References: 5

SUSE CVE
added 2023/02/15 4:45 a.m. · 2 views

SUSE CVE-2017-8765

The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file...

CVSS 6.5 · AI score 8.7 · EPSS 0.00389
Exploits: 0 · References: 7

BDU FSTEC
added 2022/08/29 12:0 a.m. · 1 view

A vulnerability in the PDF-XChange PDF document viewing and editing program, related to operations outside the bounds of a memory buffer, allows an attacker to execute arbitrary code.

The vulnerability in the PDF-XChange PDF document viewing and editing software involves operations performed outside the bounds of a memory buffer. Exploiting it allows a malicious actor to execute arbitrary code using a specially crafted malicious ICO file...

CVSS 10 · AI score 8 · EPSS 0.00621
Exploits: 0 · References: 4 · Affected Software: 1

CNNVD
added 2022/08/23 12:0 a.m. · 4 views

WordPress plugin Uploading SVG, WEBP and ICO files Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists i...

CVSS 7.2 · AI score 6 · EPSS 0.01765
Exploits: 0 · References: 3

Positive Technologies
added 2022/08/15 12:0 a.m. · 4 views

PT-2022-4474 · Tracker Software Products · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

CVSS 10 · AI score 7.4 · EPSS 0.00621
Exploits: 0 · References: 7

OSV
added 2021/11/10 10:15 p.m. · 1 view

CVE-2020-23887

XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33...

CVSS 5.5 · AI score 6.1
Exploits: 0 · References: 2

CNNVD
added 2021/11/10 12:0 a.m. · 2 views

WildBit Viewer Buffer Error Vulnerability

WildBit Viewer is a compact image viewer with slide show and editor. A buffer overflow vulnerability exists in WildBit Viewer version 6.6, which can be exploited by an attacker to cause a denial of service via a specially crafted ico file...

CVSS 5.5 · AI score 6 · EPSS 0.00165
Exploits: 1 · References: 2

Kitploit
added 2021/09/20 11:30 a.m. · 315 views

PS2EXE - Module To Compile Powershell Scripts To Executables

Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here...

AI score 7.2
Exploits: 0 · References: 2

CNNVD
added 2021/03/03 12:0 a.m. · 3 views

Pillow Input Validation Error Vulnerability

Python Imaging Library (PIL) is a free library for the Python programming language that supports opening, manipulating, and saving a wide range of image file formats. Pillow is a PIL branch. A denial of service vulnerability exists in Pillow versions prior to 8.1.1. The vulnerability stems from not...

CVSS 7.5 · AI score 5.6 · EPSS 0.00418
Exploits: 0 · References: 16

BDU FSTEC
added 2020/06/17 12:0 a.m. · 1 view

A vulnerability in the IG_load_file function of the ImageGear image processing library allows an attacker to execute arbitrary code.

The vulnerability in the IG_load_file function of the ImageGear image processing library is related to an operation going outside the bounds of a memory buffer. Exploiting it allows a malicious actor to execute arbitrary code using a specially crafted ICO file...

CVSS 9.8 · EPSS 0.01431
Exploits: 1 · References: 6 · Affected Software: 1

CNVD
added 2020/05/07 12:0 a.m. · 0 views

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-27759)

Accusoft ImageGear is a software development kit (SDK) for image processing from Accusoft, USA. A buffer overflow vulnerability exists in the 'icoread' function of the igcore19d.dll library in Accusoft ImageGear version 19.6.0. A remote attacker can exploit this vulnerability to execute code with the help...

CVSS 9.8 · AI score 7.8 · EPSS 0.01431
Exploits: 1 · References: 1

CNVD
added 2020/05/07 12:0 a.m. · 1 view

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-27758)

Accusoft ImageGear is a software development kit (SDK) for image processing from Accusoft, USA. A buffer error vulnerability exists in the igcore19d.dll ICO icoread parser in Accusoft ImageGear version 19.5.0. An attacker can exploit this vulnerability to execute code with the help of specially...

CVSS 9.8 · AI score 7.6 · EPSS 0.01431
Exploits: 1 · References: 1

Malwarebytes
added 2020/05/06 3:15 p.m. · 43 views

Credit card skimmer masquerades as favicon

Malware authors are notorious for their deceptive attempts at staying one step ahead of defenders. As their schemes get exposed, they always need to go back to their bag of tricks to pull out a new one. When it comes to online credit card skimmers, we have already seen a number of evasion...

AI score 6.6
Exploits: 0

OSV
added 2020/05/06 1:15 p.m. · 1 view

CVE-2020-6076

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victi...

CVSS 8.8 · AI score 7.6
Exploits: 0 · References: 1

OSV
added 2019/02/13 11:8 a.m. · 3 views

MGASA-2019-0063 Updated cinnamon packages fix security vulnerability

A flaw was found in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face locatio...

CVSS 8.1 · AI score 7.9 · EPSS 0.00271
Exploits: 0 · References: 4

CNVD
added 2018/08/08 12:0 a.m. · 1 view

XnView Denial of Service Vulnerability (CNVD-2019-10273)

XnView is a multi-platform software that supports image viewing, conversion and editing. A denial of service vulnerability exists in XnView 2.45, which can be exploited by remote attackers to cause a denial of service via a specially crafted ICO file...

CVSS 7.8 · AI score 7.4 · EPSS 0.00234
Exploits: 1 · References: 1

CVE
added 2018/07/13 12:0 p.m. · 187 views

CVE-2018-14036

CVE-2018-14036 : Affected component is AccountsService (before 0.6.50) with an insufficient path check in user_change_icon_file_authorized_cb() in user.c, enabling a directory traversal via ../ sequences. Public references in Ubuntu USN-4616-1, SUSE/SUSE-SU advisories, and OpenVAS/Nessus entries ...

CVSS 6.5 · AI score 4.9 · EPSS 0.01239
Exploits: 1 · References: 5 · Affected Software: 1