GLSA-200602-01 : GStreamer FFmpeg plugin: Heap-based buffer overflow
The remote host is affected by the vulnerability described in GLSA-200602-01 (GStreamer FFmpeg plugin: Heap-based buffer overflow). The GStreamer FFmpeg plugin contains derived code from the FFmpeg library, which is vulnerable to a heap overflow in the 'avcodec_default_get_buffer' function discovered b...
JVN#73133641 Eudora Japanese version stops working after the application crashes
Impact: Eudora Japanese version stops functioning once crashed by opening an email message containing a crafted image file. Solution: Products Affected: Eudora for Windows, earlier than version 6.2J rev 4.2...
CVE-2005-3709
Apple QuickTime Player before 7.0.4 is affected by an integer underflow in the Color Map Entry Size when parsing TGA images, potentially allowing a remote attacker to cause a crash or execute arbitrary code. Fortinet/Apple advisories confirm the issue is triggered by specially crafted TGA files a...
CVE-2005-3709
Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file...
CVE-2005-3710
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags...
CVE-2005-3711
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values...
[SA16598] Simple PHP Blog Image File Upload Vulnerability
Microsoft Color Management Module buffer overflow during profile tag validation
Overview: Microsoft Color Management Module contains a flaw that may allow an attacker to execute arbitrary code. Description: The Microsoft Color Management Module provides consistent color management operations between applications and devices, and transforms between colorspaces such as 'RGB' and...
zlib DoS
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file...
Important: Red Hat Security Advisory: kdelibs security update
Updated kdelibs packages that fix a flaw in kimgio input validation are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. KDE is a graphical desktop environment for the X Window System. Konqueror is...
CVE-2005-1046
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file...
[SECURITY] [DSA 714-1] New kdelibs packages fix arbitrary code execution
Debian Security Advisory DSA 714-1. http://www.debian.org/security/ Martin Schulze. April 26th, 2005. http://www.debian.org/security/faq ...
kdelibs -- kimgio input validation errors
A KDE Security Advisory reports: kimgio contains a PCX image file format reader that does not properly perform input validation. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers, some of them exploitable to...
XV: Multiple vulnerabilities
Background: XV is an interactive image manipulation program for the X Window System. Description: Greg Roelofs has reported multiple input validation errors in XV image decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has reported insufficient validation in the PDS Planetary Data...
GLSA-200504-15 : PHP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-15 (PHP: Multiple vulnerabilities). An integer overflow and an unbound recursion were discovered in the processing of Image File Directory tags in PHP's EXIF module (CAN-2005-1042, CAN-2005-1043). Furthermore, two infinite loops...
security flaw
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls...
security flaw
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overfl...
CVE-2005-1046
CVE-2005-1046 is a vulnerability in KDE’s kimgio library used by KDE 3.4.0 (kdelibs/kimgio). A buffer overflow when processing PCX images allows remote attackers to execute arbitrary code. Impact is remote code execution with network access and no user interaction per the CVSS data. The public do...