2252 matches found
Design/Logic Flaw
Multiple unspecified vulnerabilities in the JPEG GDI+ and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted 1 JPEG and 2 GIF images...
CVE-2008-2160
CVE-2008-2160 affects Microsoft Windows CE 5.0, specifically the JPEG (GDI+) and GIF image processing components. The vulnerability allows remote code execution via crafted JPEG/GIF images. The provided documents do not include concrete exploit details or a confirmed remediation; one source notes...
Blender: Multiple vulnerabilities
Background Blender is a 3D creation, animation and publishing program. Description Stefan Cornelius Secunia Research reported a boundary error within the imbloadhdr function in in the file source/blender/imbuf/intern/radiancehdr.c when processing RGBE images CVE-2008-1102. Multiple vulnerabilitie...
libpng: Execution of arbitrary code
Background libpng is a free ANSI C library used to process and manipulate PNG images. Description Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call...
openSUSE 10 Security Update : opera (opera-5154)
A flaw when processing images could crash opera. Attackers could potentially even exploit that to execute code. This update upgrades opera to version 9.27 to fix the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Integer overflow
Multiple integer overflows in 1 filter/image-png.c and 2 filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service crash and trigger memory corruption, as demonstrated via a crafted PNG image...
Sun Java JRE Multiple Vulnerabilities (233321-233327)
The version of Sun Java Runtime Environment JRE installed on the remote host is affected by one or more security issues : - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges 233321. - When processing XS...
Multiple vulnerabilities in Google's Android SDK
Advisory ID Internal CORE-2008-0124 Advisory Information Title: Multiple vulnerabilities in Google's Android SDK Advisory ID: CORE-2008-0124 Advisory URL:https://www.coresecurity.com/core-labs/advisories/advisory-google Date published: 2008-03-04 Date of last update: 2008-03-04 Vendors contacted:...
Core Security Technologies Advisory 2008.0124
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Multiple vulnerabilities in Google's Android SDK Advisory Information Title: Multiple vulnerabilities in Google's Android SDK Advisory ID: CORE-2008-0124 Advisory URL:...
Internet Explorer Image Processing Memory Corruption (MS08-010; CVE-2008-0078)
Microsoft Internet Explorer is the most widely used Internet browser. The vulnerability is due to a memory corruption error in Microsoft Internet Explorer when handling argument validation, under certain circumstances, in image processing. A remote attacker could exploit this issue by convincing ...
Debian Security Advisory DSA 729-1 (php4)
The remote host is missing an update to php4 announced via advisory DSA 729-1. OpenVAS Vulnerability Test $Id: deb7291.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 729-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-729-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-708-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-6352
CVE-2007-6352 relates to an integer overflow in libexif (versions up to and including 0.6.16) that can be triggered by parsing crafted Exif tags in images, potentially allowing an attacker to execute arbitrary code. The root cause is an overflow in the Exif thumbnail/image tag handling (exif_data...
SuSE 10 Security Update : Qt (ZYPP Patch Number 2187)
Multiple integer overflows have been found in image processing functions within the QT library. These could potentially lead to heap overflows and code execution. CVE-2006-4811 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
cairo integer overflow
Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the readpng function...
Ubuntu 5.10 / 6.06 LTS / 6.10 : imlib2 vulnerabilities (USN-376-1)
M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary...
openSUSE 10 Security Update : qt (qt-2188)
Multiple integer overflows have been found in image processing functions within the QT library. These could potentially lead to heap overflows and code execution. CVE-2006-4811 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...
openSUSE 10 Security Update : qt3 (qt3-2189)
Multiple integer overflows have been found in image processing functions within the QT library. These could potentially lead to heap overflows and code execution. CVE-2006-4811 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...
RHEL 4 / 5 : php (RHSA-2007:0890)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2007:0890 advisory. - gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG CVE-2007-2756 - php chunksplit integer overflow CVE-2007-2872 - p...