2680 matches found
DLA-610-1 tiff3 - security update
Bulletin has no description...
UBUNTU-CVE-2016-7518
The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds read via a crafted SUN file...
GLSA-201608-01 : OptiPNG: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201608-01 OptiPNG: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OptiPNG. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a special...
CentOS 6 : libtiff (CESA-2016:1547)
The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2016:1547 advisory. - Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to...
Apple's operating system exposed new vulnerabilities in addition to the latest version without immune-vulnerability warning-the black bar safety net
Security researchers recently discovered that Appleoperating systemthere is a huge security vulnerability. Hackers only need to know your phone number, you can use this security vulnerability to steal the user's password. ! IDG according to foreign media reports, security researchers recently...
Silicon Graphics LibTiff Memory Corruption Vulnerability
Silicon Graphics LibTiff is the United States Silicon Graphics, Inc. of a read and write TIFF Tagged Image File Format file library. A memory corruption vulnerability exists in Silicon Graphics LibTiff, which can be exploited by attackers to obtain sensitive information and cause a denial of...
The vulnerability of the libpng library, which allows a hacker to execute arbitrary code
The vulnerability of the pngcombinerow function in the libpng library arises due to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted PNG file...
USN-3025-1 gimp vulnerability
It was discovered that GIMP incorrectly handled malformed XCF files. If a user were tricked into opening a specially crafted XCF file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges...
The vulnerability of the Windows operating system allows a malicious individual to elevate their privileges or execute arbitrary code.
The vulnerability exists in Microsoft DirectShow and is related to the processing of specially crafted JPEG graphic files. Exploiting this vulnerability allows for the execution of code remotely, provided that the user opens a specially crafted graphic file. Exploiting this vulnerability also...
Silicon Graphics LibTiff 'extractContigSamplesBytes' Function Denial of Service Vulnerability
Silicon Graphics LibTiff is a library for reading and writing TIFF files. A security vulnerability in the 'extractContigSamplesBytes' function of Silicon Graphics LibTiff allows remote attackers to exploit the vulnerability to construct special TIFF images that can be tricked into being parsed by...
Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-04061)
Silicon Graphics LibTiff is a library for reading and writing TIFF Tagged Image File Format files from the U.S. company Silicon Graphics. The library contains a number of command-line tools to deal with TIFF files. A security vulnerability exists in the 'PixarLogCleanup' function in the...
The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.
The vulnerability of the exifprocessIFDinJPEG function ext/exif/exif.c in the PHP interpreter improperly checks the size of the IFD file. Exploiting this vulnerability may allow a malicious actor to trigger a service failure memory overflow or potentially cause other effects through specially...
Silicon Graphics LibTiff Buffer Overflow Vulnerability (CNVD-2016-03846)
Silicon Graphics LibTiff is a library for reading and writing TIFF Tagged Image File Format files from the U.S. company Silicon Graphics. The library contains a number of command-line tools to deal with TIFF files. A buffer overflow vulnerability exists in the 'TIFFVGetField' function in Silicon...
JVN#53542912: Cybozu Garoon fails to restrict access permissions
Cybozu Garoon is a groupware. Cybozu Garoon fails to restrict access permissions in the mail function. Impact An unintentional image file may be displayed on the mail view. As a result, an attacker may be convinced that the user read the email. Solution Update the Software Update to the latest...
[SECURITY] Fedora 23 Update: imlib2-1.4.9-1.fc23
Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...
[SECURITY] Fedora 22 Update: imlib2-1.4.9-1.fc22
Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...
DEBIAN-CVE-2014-9763
imlib2 before 1.4.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted PNM file...
UBUNTU-CVE-2014-9763
imlib2 before 1.4.7 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted PNM file...
Foxit Reader and PhantomPDF Denial of Service Vulnerability (CNVD-2016-02734)
Foxit Reader PhantomPDF is a commercial version of the Chinese Foxit Foxit Software Corporation's PDF document reader. A denial of service vulnerability exists in Foxit Reader PhantomPDF 7.3.0.118 and earlier versions, which allows remote attackers to cause a denial of service via a crafted JPEG...
RoundCube Webmail Cross-Site Scripting Vulnerability (CNVD-2016-02711)
RoundCube Webmail is a browser-based IMAP client mail client. A cross-site scripting vulnerability exists in RoundCube Webmail, which can be exploited to inject arbitrary web script or HTML with the help of specially crafted Svg image files...