
2680 matches found

UbuntuCve
added 2017/01/05 2:59 a.m. · 30 views

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

CVSS 4.8 · AI score 6.8 · EPSS 0.02829
Exploits 0 · References 2
Cvelist
added 2017/01/05 2:0 a.m. · 29 views

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

AI score 5.5 · EPSS 0.02829
Exploits 0 · References 9
Debian CVE
added 2017/01/05 2:0 a.m. · 29 views

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

CVSS 4.8 · AI score 3.4 · EPSS 0.02829
Exploits 0
UbuntuCve
added 2016/12/31 12:0 a.m. · 30 views

CVE-2016-10167

The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file...

CVSS 5.5 · AI score 6.9 · EPSS 0.03736
Exploits 0 · References 3
Positive Technologies
added 2016/12/31 12:0 a.m. · 2 views

PT-2016-3103 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick (affected versions not specified). Description: The issue is related to the ReadGROUP4Image function in coders/tiff.c, which does not properly handle errors. This can be exploited by a remote attacker to cause a denial of service,...

CVSS 9.8 · AI score 6.2 · EPSS 0.06534
Exploits 2 · References 95
OSV
added 2016/12/31 12:0 a.m. · 0 views

UBUNTU-CVE-2016-10062

The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file...

CVSS 5.5 · AI score 6.7 · EPSS 0.01842
Exploits 0 · References 4
ripstech
added 2016/12/19 12:0 p.m. · 10 views

osClass 3.6.1: Remote Code Execution via Image File

RIPS Analysis: RIPS was able to scan the 156,000 lines of code in just 23 seconds. Looking at the scan results, a high number of vulnerabilities were detected in this project. Especially high-rated vulnerabilities seem to make the race. However, there is no critical-rated vulnerability found on th...

AI score 7.1
Exploits 0
RedhatCVE
added 2016/11/24 10:17 a.m. · 38 views

CVE-2016-9556

The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file...

CVSS 5.5 · AI score 5.6 · EPSS 0.02277
Exploits 0 · References 1
CNVD
added 2016/11/24 12:0 a.m. · 2 views

Apple macOS Sierra Core Image Memory Corruption Vulnerability

Apple macOS Sierra is an operating system developed by Apple for Mac computers, and Core Image is one of its graphics processing frameworks. A memory corruption vulnerability exists in Core Image in Apple macOS Sierra versions prior to 10.12.1. A remote attacker can exploit this...

CVSS 7.8 · AI score 7.7 · EPSS 0.01378
Exploits 0 · References 1
CNVD
added 2016/11/23 12:0 a.m. · 1 views

LibTIFF tif_pixarlog.c Heap Buffer Overflow Vulnerability

LibTIFF is a library for reading and writing the Tagged Image File Format (abbreviated as TIFF). A security vulnerability exists in libtiff version 4.0.6 in tif_pixarlog.c, which can lead to out-of-bounds write operations in the heap buffer...

CVSS 9.8 · AI score 7.1 · EPSS 0.03194
Exploits 0 · References 1
CNVD
added 2016/11/23 12:0 a.m. · 2 views

LibTIFF 'tif_print.c' Denial of Service Vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A denial of service vulnerability exists in LibTIFF 'tif_print.c', which can be exploited by ...

CVSS 7.5 · AI score 6.8 · EPSS 0.06471
Exploits 0 · References 1
UbuntuCve
added 2016/11/23 12:0 a.m. · 32 views

CVE-2016-9556

The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file...

CVSS 5.5 · AI score 6.9 · EPSS 0.02277
Exploits 0 · References 3
RedhatCVE
added 2016/11/21 10:17 a.m. · 26 views

CVE-2016-9388

The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file...

CVSS 5.5 · AI score 4.3 · EPSS 0.01951
Exploits 0 · References 1
Tenable Nessus
added 2016/11/18 12:0 a.m. · 48 views

openSUSE Security Update : php5 (openSUSE-2016-1321)

This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp (bsc#1001900) - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924) -...

CVSS 9.8 · AI score 7.5 · EPSS 0.05143
Exploits 0 · References 6
OPENSUSE Linux
added 2016/11/17 8:11 p.m. · 52 views

Security update for php5 (important)

This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp (bsc#1001900) - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924) -...

CVSS 7.5 · AI score 3.3 · EPSS 0.05143
Exploits 0 · References 3
RedHat Linux
added 2016/11/15 11:40 a.m. · 5 views

php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input

The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data...

CVSS 9.8 · AI score 7.4 · EPSS 0.12179
Exploits 1 · References 4
ArchLinux
added 2016/11/14 12:0 a.m. · 527 views

[ASA-201611-13] shutter: arbitrary code execution

Arch Linux Security Advisory ASA-201611-13. Severity: Medium; Date: 2016-11-14; CVE-ID: CVE-2015-0854; Package: shutter; Type: arbitrary code execution; Remote: No; Link: https://wiki.archlinux.org/index.php/CVE. Summary: The package shutter before...

CVSS 9.3 · AI score 7.8 · EPSS 0.02504
Exploits 0 · References 4
OSV
added 2016/11/10 6:59 a.m. · 0 views

CVE-2016-7212

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Cod...

CVSS 7.8 · AI score 6.2 · EPSS 0.69829
Exploits 0 · References 3
Prion
added 2016/11/10 6:59 a.m. · 17 views

Remote code execution

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Cod...

CVSS 9.3 · AI score 8.5 · EPSS 0.69829
Exploits 0 · References 3 · Affected Software 3
Cvelist
added 2016/11/10 6:16 a.m. · 28 views

CVE-2016-7212

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Cod...

AI score 8 · EPSS 0.69829
Exploits 0 · References 3