2680 matches found
Update Protection against Microsoft Windows GDIplus GpFont.SetData Integer Overflow
A vulnerability has been reported in Microsoft Windows Graphics Device Interface GDI. GDI is a Microsoft standard for representing graphical objects and outputting these representations to devices such as monitors and printers. The vulnerability occurs when an application that uses the affected...
LittleCms memory leak
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
Fedora 9 : argyllcms-1.0.3-3.fc9 (2009-3031)
Multiple integer overflows were found in the International Color Consortium Format Library icclib. An attacker could use this flaw to potentially execute arbitrary code by requesting to translate a specially- crafted image file created on one device into another's device native color space via a...
CVE-2009-0584
icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code by usin...
CVE-2009-0583
Multiple integer overflows in icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service heap-based buffer overflow and...
Input validation
icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code by usin...
CVE-2009-0584
icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code by usin...
CVE-2009-0583
Multiple integer overflows in icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service heap-based buffer overflow and...
CVE-2009-0584
icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code by usin...
CVE-2009-0584
CVE-2009-0584 , together with CVE-2009-0583, affects Ghostscript’s ICC library (icclib) used in Ghostscript 8.64 and earlier and Argyll CMS 1.0.3 and earlier. A crafted ICC profile embedded in a PostScript or PDF image can trigger context-dependent conditions that cause an application crash (deni...
CVE-2009-0723
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
CVE-2009-0581
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
CVE-2009-0723
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
CVE-2009-0581
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
Memory corruption
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
Integer overflow
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
CVE-2009-0723
CVE-2009-0723 affects LittleCMS (lcms/liblcms) before 1.18beta2. The vulnerability comprises multiple integer overflows that, when processing crafted image files, can trigger a heap-based buffer overflow. This issue is noted to be exploitable in contexts where LittleCMS is used (e.g., in Firefox ...
CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for th...
CVE-2009-0581
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
USN-733-1: evolution-data-server vulnerability
It was discovered that the Base64 encoding functions in evolution-data-server did not properly handle large strings. If a user were tricked into opening a specially crafted image file, or tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user...