280 matches found
PYSEC-2020-81
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
Free Photo Viewer Code Issue Vulnerability
Free Photo Viewer is a lightweight photo viewer. A code issue vulnerability exists in Free Photo Viewer. The vulnerability can be exploited to execute arbitrary code via specially crafted BMP and/or TIFF files...
The vulnerability in the software for creating 3D computer graphics with Blender arises from a full-integer overflow, allowing an attacker to execute arbitrary code.
The vulnerability of Blender’s software for creating 3D computer graphics arises from a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created TIFF file...
CVE-2019-5084
An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF ima...
Memory corruption vulnerability in XnView ldf files
XnView from France is a great image viewer with image viewer, screen capture, slideshow, thumbnail maker, batch conversion, hexadecimal browsing, drag-and-drop, address book, scanning input, etc. It supports more than 100 image formats, and more than 500 images after installing plug-ins. XnView l...
Memory Corruption Vulnerability in TIFF Image Processing by Good123 Photo King
Good123 Viewer is an image viewing software. A memory corruption vulnerability exists in the handling of TIFF images by Good123 Viewer, which can be exploited by attackers to cause the program to crash by constructing malformed TIFF images...
Binary Vulnerability in Exif Pilot
Exif Pilot is a free EXIF editor from Two Pilots. A binary vulnerability exists in Exif Pilot's handling of the TIFF format, which can be exploited by an attacker to cause the program to crash by constructing a malformed TIFF-formatted image...
Binary Vulnerability in Flying Pigeon Network Printing Component (CNVD-2019-33149)
Flying Pigeon is a LAN instant messaging software for enterprises, schools and families, realizing high-speed transmission of messages and files within LAN and printing on Flying Pigeon network. A binary vulnerability exists in the Flying Pigeon Network Printing component, which can be exploited ...
Binary Vulnerability in Windshade Viewer FyPicEditor.exe Handling TIFs
Wind Shadow Picture Viewer is a computer client picture viewing software, small and lightweight, simple interface, comprehensive features, compatible with hundreds of image formats, including commonly used JPG, BMP, PNG and other conventional image formats and PDS and other professional image...
Binary Vulnerability in Windshade Viewer FyPicViewer.exe Handling TIFs
Wind Shadow Picture Viewer is a computer client picture viewing software, small and lightweight, simple interface, comprehensive features, compatible with hundreds of image formats, including commonly used JPG, BMP, PNG and other conventional image formats and PDS and other professional image...
UBUNTU-CVE-2019-12212
When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file...
UBUNTU-CVE-2019-12211
When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow...
Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow
Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow Huawei eSpace Meeting Image File Format Handling Buffer Overflow Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop,...
Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow
Huawei eSpace Meeting Image File Format Handling Buffer Overflow Vulnerability Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected version: eSpace 1.1.11.103 aka eSpace ECS, eSpace Desktop, eSpace Meeting, eSpace UC Summary: Create more convenient Enhanced...
Denial Of Service (DoS)
The libexif packages provide an Exchangeable image file format Exif library. Exif allows metadata to be added to and read from certain types of image files. Multiple flaws were found in the way libexif processed Exif tags. An attacker could create a specially-crafted image file that, when opened ...
Foxit Studio Photo Information Disclosure Vulnerability
Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A security vulnerability exists in the handling of TIF files in Foxit Studio Photo 3.6.6.779 and prior versions, which is caused by the program failing to properly validate user-submitted data. An attacker...
libTIFF: Denial of service
Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Please review the CVE identifier referenced below for details. Impact Please review the...
ALPINE-CVE-2019-6128
The TIFFFdOpen function in tifunix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb...
CVE-2018-3981
An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution...
PT-2018-16254 · Acd Systems · Canvas Draw
Name of the Vulnerable Software and Affected Versions: Canvas Draw version 4.0.0 Description: An out-of-bounds write exists in the TIFF parsing functionality. A specially crafted TIFF image can lead to an out-of-bounds write, overwriting arbitrary data, and potentially allowing an attacker to...