528 matches found
MiniUPnP ngiflib Buffer Overflow Vulnerability
MiniUPnP is a set of UPnP tools developed by MiniUPnP project that can be used in embedded systems. This tool enables devices in home and corporate networks to connect to each other. ngiflib is one of the GIF image format decoding libraries written in C language. A buffer overflow vulnerability...
Debian: Security Advisory (DLA-1385-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1385-1] batik security update
Package : batik Version : 1.7+dfsg-3+deb7u3 CVE ID : CVE-2018-8013 Debian Bug : 899374 Man Yue Mo discovered a security vulnerability in Apache Batik, an SVG image library. A missing check for the class type before calling newInstance when deserializing a subclass of AbstractDocument could lead t...
ALPINE-CVE-2017-14448
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
ALPINE-CVE-2017-14449
A double-Free vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability...
ALPINE-CVE-2017-14441
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this...
UBUNTU-CVE-2017-12122
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
Out-of-Bounds
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Out-of-Bounds. A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global...
UBUNTU-CVE-2017-14448
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...
UBUNTU-CVE-2017-14441
An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this...
DEBIAN-CVE-2018-3849
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read. An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the...
Debian DLA-1341-1 : sdl-image1.2 security update
Lilith of Cisco Talos discovered several buffer overflow vulnerabilities in the SDL Image library which can be leveraged by attackers to execute arbitrary code via specially crafted image files. For Debian 7 'Wheezy', these problems have been fixed in version 1.2.12-2+deb7u2. We recommend that yo...
PYSEC-2018-147
In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmnint.cpp allows remote attackers to cause a denial of service invalid memory access via a crafted file...
PT-2018-5363 · Sdl +2 · Sdl2 Image +2
Name of the Vulnerable Software and Affected Versions: SDL2 image version 2.0.2 Description: A code execution issue exists in the ILBM image rendering functionality. A specially crafted ILBM image can cause a heap overflow, resulting in code execution. An attacker can trigger this issue by...
Debian: Security Advisory (DLA-1083-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1248-1] libgd2 security update
Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u11 CVE ID : CVE-2018-5711 Debian Bug : 887485 It was discovered that there was a denial-of-service attack in the libgd2 image library. A corrupt file could have exploited a signedness confusion leading to an infinite loop. For Debian 7 "Wheezy",...
PYSEC-2018-144
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...
PYSEC-2017-134
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
PYSEC-2017-136
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...