2249 matches found

CNVD
added 2016/10/09 12:0 a.m., 1 views

GraphicsMagick Heap Buffer Overflow Vulnerability

GraphicsMagick is a simple set of image processing tools. A heap buffer overflow vulnerability exists in GraphicsMagick 8BIM/8BIMW, which could be exploited by an attacker to execute arbitrary script and code in the context of an affected program...

CVSS: 7.5, AI score: 9.8, EPSS: 0.03845
Exploits: 0, References: 1

OSV
added 2016/10/03 4:9 p.m., 3 views

ALPINE-CVE-2016-3625

tifread.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image...

CVSS: 6.5, AI score: 6.7, EPSS: 0.01759
Exploits: 0, References: 1

OSV
added 2016/10/03 4:9 p.m., 7 views

CVE-2016-3620

The ZIPEncode function in tifzip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image...

CVSS: 7.5, AI score: 5.2
Exploits: 0, References: 4

Ubuntu
added 2016/09/27 7:55 p.m., 70 views

USN-3090-1: Pillow vulnerabilities

It was discovered that a flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed, potentially leading to a denial of service. CVE-2014-9601 Andrew Drake discovered that Pillow incorrectly validated input. A remote attacker could use...

CVSS: 6.5, AI score: 6.9, EPSS: 0.05426
Exploits: 0

CNVD
added 2016/09/26 12:0 a.m., 4 views

ImageMagick heap buffer overflow vulnerability (CNVD-2016-08167)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. ImageMagick suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause the...

CVSS: 6.5, AI score: 9.6, EPSS: 0.03333
Exploits: 0, References: 1

Fedora
added 2016/09/19 12:20 a.m., 12 views

[SECURITY] Fedora 23 Update: GraphicsMagick-1.3.25-1.fc23

GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...

AI score: 2.7
Exploits: 0

Fedora
added 2016/09/14 7:20 p.m., 9 views

[SECURITY] Fedora 24 Update: GraphicsMagick-1.3.25-1.fc24

GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...

AI score: 2.7
Exploits: 0

Fedora
added 2016/09/09 9:53 p.m., 19 views

[SECURITY] Fedora 25 Update: GraphicsMagick-1.3.25-1.fc25

GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...

AI score: 2.7
Exploits: 0

Debian CVE
added 2016/07/25 2:0 p.m., 34 views

CVE-2016-6291

Removed by vendor...

CVSS: 9.8, AI score: 8.7, EPSS: 0.05598
Exploits: 1

BDU FSTEC
added 2016/07/07 12:0 a.m., 5 views

The vulnerability of the Firefox browser allows a remote attacker to gain access to the dynamic memory of the process or trigger a denial-of-service attack.

The vulnerability of the Firefox browser in the implementation of the QCMS component allows a malicious actor to gain access to confidential information from the dynamic memory of the process, or to trigger a service failure reading beyond the boundaries of the system by using an image that is...

CVSS: 6.4, AI score: 7.7, EPSS: 0.02815
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2016/07/06 12:0 a.m., 4 views

The vulnerability of PHP software allows a malicious attacker to compromise the integrity and accessibility of protected information.

The vulnerability exists in the GD context component of PHP, due to the presence of the sequence %00 in path names. Exploiting this vulnerability allows malicious actors to overwrite arbitrary files using specially crafted input data that triggers the functions imagegd, imagegd2, imagegif,...

CVSS: 6.4, AI score: 7.6, EPSS: 0.16934
Exploits: 0, References: 4, Affected Software: 1

Mageia
added 2016/07/05 3:47 p.m., 76 views

Updated libgd packages fix security vulnerability

Stack overflow with imagefilltoborder CVE-2015-8874. Integer Overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766. Integer Overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767. Improperly handling invalid color index in gdImageCropThreshold could result in...

CVSS: 8.8, AI score: 7.9, EPSS: 0.08276
Exploits: 2, References: 4

Fedora
added 2016/06/19 7:29 a.m., 39 views

[SECURITY] Fedora 23 Update: GraphicsMagick-1.3.24-1.fc23

GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...

CVSS: 10, AI score: 2.7, EPSS: 0.49982
Exploits: 1

Fedora
added 2016/06/19 7:19 a.m., 25 views

[SECURITY] Fedora 22 Update: GraphicsMagick-1.3.24-1.fc22

GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...

CVSS: 10, AI score: 2.7, EPSS: 0.49982
Exploits: 1

CNVD
added 2016/06/07 12:0 a.m., 2 views

ImageMagick Denial of Service Vulnerability (CNVD-2016-03865)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in ImageMagick. An attacker can exploit this vulnerability to cause a denial ...

CVSS: 6.5, AI score: 8.8, EPSS: 0.01954
Exploits: 1, References: 1

NVD
added 2016/06/01 10:59 p.m., 16 views

CVE-2015-8875

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, whi...

CVSS: 7.8, AI score: 8.2, EPSS: 0.02773
Exploits: 0, References: 6

Debian CVE
added 2016/06/01 10:0 p.m., 29 views

CVE-2015-8875

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, whi...

CVSS: 7.8, AI score: 8.3, EPSS: 0.02773
Exploits: 0

Kitploit
added 2016/05/26 11:39 p.m., 67 views

stickyKeysHunter - A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor

This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result. How does it work? 1. Connects to RDP using rdesktop 2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors...

AI score: 7.2
Exploits: 0, References: 1

OSV
added 2016/05/23 12:0 a.m., 57 views

DLA-486-1 imagemagick - security update

Bulletin has no description...

CVSS: 10, AI score: 6.6, EPSS: 0.97485
Exploits: 13

NVD
added 2016/05/13 4:59 p.m., 15 views

CVE-2014-9762

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap...

CVSS: 7.5, AI score: 7.3, EPSS: 0.02709
Exploits: 0, References: 6