Picture Window Pro Handles BMP Images Multiple Memory Corruption Vulnerabilities

Picture Window Pro is an image processing software. Multiple memory corruption vulnerabilities exist in the tool's handling of the BMP format, which can be exploited by attackers to construct malformed BMP images and crash the program. Successful exploitation could lead to arbitrary code executio...

libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

CVE-2015-6773

The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via crafted graphics data...

Linux kernel Direct Rendering Manager subsystem denial of service vulnerability

Linux kernel is an open source operating system. The Linux kernel's Direct Rendering Manager DRM subsystem fails to properly handle requests for Graphics Execution Manager GEM objects, which can be exploited by a local attacker to conduct a denial of service attack using applications that process...

[SECURITY] Fedora 22 Update: rawstudio-2.1-0.1.20150511git983bda1.fc22

Rawstudio is a highly specialized application for processing RAW images from digital cameras. It is not a fully featured image editing application. The RAW format is often recommended to get the best quality out of digital camera images. The format is specific to cameras and cannot be read by mos...

[SECURITY] Fedora 21 Update: rawstudio-2.1-0.1.20150511git983bda1.fc21

Rawstudio is a highly specialized application for processing RAW images from digital cameras. It is not a fully featured image editing application. The RAW format is often recommended to get the best quality out of digital camera images. The format is specific to cameras and cannot be read by mos...

WideImage Cross-Site Scripting Vulnerability

WideImage is an open source for image processing object-oriented PHP library . A cross-site scripting vulnerability exists in WideImage 11.02.19, which allows remote attackers to inject arbitrary web script or HTML via the matrix parameter of demo/indexphp...

Apple iO Disk Image Processing Information Disclosure Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of disk files that allows attackers to build malicious applications and gain access to the kernel layout...

A year later, Yahoo finally fixes the SSRF vulnerability-vulnerability warning-the black bar safety net

! After a lapse of a year later, Yahoo finally fixes the image processing system of the SSRF service end request forgery）vulnerabilities. SSRF service end request forgery）vulnerability, also known as XSPA（cross-site port attacks, the problem exists in the application program loading the user...

[SECURITY] Fedora 22 Update: rawtherapee-4.2-9.fc22

Rawtherapee is a RAW image processing software. It gives full control over many parameters to enhance the raw picture before finally exporting it to some common image format...

Pillow Jpeg2KImagePlugin Plugin Denial of Service Vulnerability

Python Image Library PIL is a Python image processing library developed by Swiss software developer Fredrik Lundh. Pillow is a compiled version of PIL with some bug fixes developed by American software developer Alex Clark, and Jpeg2KImage is one of the image processing plugins. Jpeg2KImage is on...

HanWang CoolPaint Drawing Software Memory Corruption Vulnerability

HanWang CoolPaint is a drawing software developed by HanWang Technology Co. Hanvon CoolPaint has an error in the image processing logic that could allow an attacker to exploit this vulnerability to crash the program...

CVE-2015-0061

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive...

CVE-2015-0061

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive...

LibTIFF Out-of-Bounds Read/Write Denial of Service Vulnerability

LibTiff is an application library responsible for encoding/decoding TIFF image format. The use of the LibTiff library's "tiff2pdf" tool to process malformed TIFF images suffers from an out-of-bounds read/write vulnerability, which allows an attacker to exploit the vulnerability to build a malicio...

[SECURITY] Fedora 21 Update: python-pillow-2.6.1-2.fc21

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...

CVE-2014-9495

CVE-2014-9495 affects libpng used in IBM Cognos components (per IBM Tivoli/DB references). Root cause: heap-based buffer overflow in png_combine_row when decompressing IDAT data, on 64-bit systems. Affected versions: libpng before 1.5.21 and 1.6.x before 1.6.16. Potential impact: remote arbitrary...

[SECURITY] Fedora 19 Update: python-pillow-2.0.0-16.gitd1c6db8.fc19

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...

[SECURITY] Fedora 20 Update: python-pillow-2.2.1-7.fc20

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are five subpackages: tk tk interface, qt PIL image wrapper for Qt , sane scanning...

Application-Aware Image Processing failure with SQL 2012 SP2 case-sensitive collation database

Job using Application-Aware Image Processing fails during VSS processing with: Unfreeze error: Backup job failed. Cannot create a shadow copy of the volumes containing writer's data. A VSS crit...