CVE-2013-7447

Integer overflow in the gdkcairosetsourcepixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service crash via a large image file, which triggers a large...

CVE-2015-8488

CVE-2015-8488 affects Cybozu Office 10.3.0 (and related entries in the CVE-2015-8488 family) and is described as an information disclosure vulnerability where remote attackers can read image files by sending a crafted e-mail message. The NVD entry notes this as a separate vulnerability from CVE-2...

Suspicious Image File Remote Code Execution Attempt

Certain malicious executable files can be hidden using image file name extensions. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...

CVE-2015-8396

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM aka GDCM before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow...

CVE-2015-8396

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM aka GDCM before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow...

Integer overflow

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM aka GDCM before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow...

UBUNTU-CVE-2015-8396

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM aka GDCM before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow...

CVE-2015-8898

The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted image file...

UBUNTU-CVE-2015-8897

The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service application crash via a crafted png file...

Out-of-bounds

The pngconverttorfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read...

CVE-2015-7981

CVE-2015-7981 affects libpng in multiple branches: 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17. The issue is an out-of-bounds read in png_convert_to_rfc1123 triggered by crafted tIME chunk data, enabling a remote attacker to disclose sensitive process memory information. The...

file: mconvert incorrect handling of truncated pascal string size

A buffer overflow flaw was found in the way the File Information fileinfo extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash...

Unrestricted file upload

Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file...

Integer overflow

Integer overflow in the pixopsscalenearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow...

CVE-2015-7674

Integer overflow in the pixopsscalenearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow...

UBUNTU-CVE-2015-7981

The pngconverttorfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read...

Oracle: Security Advisory (ELSA-2007-0513)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2722-1 GDK-PixBuf Vulnerabilities | Cloud Foundry

USN-2722-1 GDK-PixBuf Vulnerabilities Medium Vendor Canonical Ubuntu Versions Affected libgdk-pixbuf2.0-0 2.30.7-0ubuntu1.1 Description It was discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote...

Vulnerabilities of iOS and Mac OS X operating systems, allowing attackers to execute arbitrary code or cause system failures

The vulnerability of the ImageIO component in iOS and Mac OS X operating systems arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted TIFF image...

CVE-2015-2974

LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...