CVE-2004-0687

Multiple stack-based buffer overflows in 1 xpmParseColors in parse.c, 2 ParseAndPutPixels in create.c, and 3 ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file...

CVE-2004-0688

Multiple integer overflows in 1 the xpmParseColors function in parse.c, 2 XpmCreateImageFromXpmImage, 3 CreateXImage, 4 ParsePixels, and 5 ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file...

Microsoft Outlook Express 4.x5.x6.0 - Plaintext Email Security Policy Bypass

Microsoft Outlook Express 4.x5.x6.0 - Plaintext Email Security Policy Bypass source: https://www.securityfocus.com/bid/11447/info Microsoft Outlook Express is reported prone to a security policy bypass vulnerability. The vulnerability presents itself if an attached image file is referenced using ...

Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass

source: https://www.securityfocus.com/bid/11447/info Microsoft Outlook Express is reported prone to a security policy bypass vulnerability. The vulnerability presents itself if an attached image file is referenced using a specially crafted CID URI. This will result in a policy bypass because the...

Microsoft Windows contains buffer overflow in processing of WMF and EMF image files

Overview A vulnerability in the way the Microsoft Windows Graphics Rendering Engine processes certain types of image files could allow an attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats...

CVE-2004-0693

The GIF parser in the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692...

CVE-2004-0692

The XPM parser in the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693...

CVE-2004-0687

CVE-2004-0687 affects OpenMotif (libXpm) with stack-based overflows in xpmParseColors, ParseAndPutPixels, and ParsePixels, allowing remote code execution via malformed XPM images. Evidence in multiple advisories confirms OpenMotif/libXpm as the vulnerable component and that patches/updates exist ...

CVE-2002-1277

CVE-2002-1277 refers to a buffer overflow in Window Maker (wmaker) 0.80.0 and earlier in its image handling code. The vulnerability arises when Window Maker allocates a buffer based on image width and height without proper overflow checks, potentially allowing remote attackers to execute arbitrar...

CVE-2002-1266

CVE-2002-1266 affects Mac OS X 10.2.2 and describes a local privilege elevation where a user can gain privileges by mounting a disk image file created on another system. The provided documents do not specify the underlying root cause details, affected components, or any remediation steps. No expl...

CVE-2002-1277

Buffer overflow in Window Maker wmaker 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer...

GLSA-200408-20 : Qt: Image loader overflows

The remote host is affected by the vulnerability described in GLSA-200408-20 Qt: Image loader overflows There are several unspecified bugs in the QImage class which may cause crashes or allow execution of arbitrary code as the user running the Qt application. These bugs affect the PNG, XPM, BMP,...

Fedora Core 2 : qt-3.3.3-0.1 (2004-271)

During a security audit, Chris Evans discovered a heap overflow in the BMP image decoder in Qt versions prior to 3.3.3. An attacker could create a carefully crafted BMP file in such a way that it would cause an application linked with Qt to crash or possibly execute arbitrary code when the file w...

JetboxOne may allow unauthorized users to execute arbitrary code

Overview Lack of input validation in JetboxOne version 2.0.8 allows an user to upload arbitrary files to the vulnerable system. This could lead to the execution of arbitrary code. Description JetboxOne, an open-source content management system, could allow an attacker with "AUTHOR" privileges to...

CVE-2004-0421

The Portable Network Graphics library libpng 1.0.15 and earlier allows attackers to cause a denial of service crash via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message...

CVE-2004-0421

CVE-2004-0421 is a libpng vulnerability where an out-of-bounds read can occur while copying error-message data, allowing a crash via crafted PNGs in libpng 1.0.x up to and including 1.0.15 (and earlier). The linked Nessus/OpenVAS data notes this issue as a regression referenced in later advisorie...

Microsoft Windows WMF/EMF Image Formats Remote Buffer Overflow Vulnerability

Description It has been reported that Windows may be prone to a remote buffer overflow vulnerability when rendering WMF/EMF image files. An attacker could create a malicious WMF or EMF file and entice a user to view the file via an application that supports the WMF and EMF formats. Immediate...

CVE-2002-1266

Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created on another system, aka "Local User Privilege Elevation via Disk Image File."...

CVE-2002-1277

Buffer overflow in Window Maker wmaker 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer...

CVE-2002-1277

Buffer overflow in Window Maker wmaker 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer...