Out-of-bounds

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...

CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

CVE-2007-4987

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...

CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

CVE-2007-4985

CVE-2007-4985 affects ImageMagick. Multiple connected sources confirm the issue is a denial-of-service risk from crafted images that trigger infinite loops in ReadDCMImage and ReadXCFImage (via ReadBlobByte/ReadBlobMSBLong). The provided documents do not specify a concrete patched version or exac...

CVE-2007-4988

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow...

CVE-2007-4987

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...

CVE-2007-4847

CVE-2007-4847 concerns Google Picasa allowing remote attackers to read image files stored by Picasa through unspecified vectors involving a picasa:// URI. The description notes this information is based on a vague pre-advisory. According to the NVD entry, the impact is partial confidentiality (re...

Crlf injection

CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGEEXPORTDIRECTORY array in a PE file, which could complicate forensics investigations...

CVE-2007-4464

CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGEEXPORTDIRECTORY array in a PE file, which could complicate forensics investigations...

CVE-2007-4464

CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGEEXPORTDIRECTORY array in a PE file, which could complicate forensics investigations...

CVE-2007-4057

Unrestricted file upload vulnerability in pfs.php in Neocrome Seditio 121 and earlier allows remote authenticated users to upload arbitrary PHP code via a filename ending with 1 .php.gif, 2 .php.jpg, or 3 .php.png...

[Reversemode Advisory] Microsoft DirectX RLE Compressed Targa Image File Heap Overflow

Microsoft DirectX Direct3D 9 Microsoft DirectX RLE Compressed Targa Image File Heap Overflow Ruben Santamarta rubenatreversemodedotcom 07.18.2007 Affected products: + Microsoft DirectX Direct3D 9 runtime libraries. + D3dx928.dll – D3dx9d28.dll and earlier Microsoft DirectX is prone to a heap...

GLSA-200706-09 : libexif: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200706-09 libexif: Buffer overflow iDefense Labs have discovered that the exifdataloaddataentry function in libexif/exif-data.c improperly handles integer data while working with an image with many EXIF components, allowing an...

libexif: Buffer overflow

Background libexif is a library for parsing, editing and saving EXIF metadata from images. Description iDefense Labs have discovered that the exifdataloaddataentry function in libexif/exif-data.c improperly handles integer data while working with an image with many EXIF components, allowing an...

CVE-2007-0010

The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 before 2.4.13 allows context-dependent attackers to cause a denial of service crash via a malformed image file...

Information disclosure

The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 before 2.4.13 allows context-dependent attackers to cause a denial of service crash via a malformed image file...

CVE-2007-0010

The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 before 2.4.13 allows context-dependent attackers to cause a denial of service crash via a malformed image file...

CVE-2007-0010

The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 before 2.4.13 allows context-dependent attackers to cause a denial of service crash via a malformed image file...

Microsoft Windows图形设备接口附加库拒绝服务漏洞

Microsoft Windows是一款流行的操作系统。 Microsoft Windows图形社诶接口附加库处理畸形图象文件存在问题，远程攻击者可以利用漏洞可对系统进行拒绝服务攻击。 问题存在于Windows GDI+库'gdiplus.dll'中，构建恶意的图象文件，诱使用户打开，可导致系统崩溃。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP...