xloadimage buffer overflow.

Hi, While creating a stripped down version of xloadimage, I have discovered three buffer overflows in xloadimage when handling the image title name. Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file...

xloadimage -- buffer overflows in NIFF image title handling

Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. ...

firefox & mozilla -- multiple vulnerabilities

A Mozilla Foundation Security Advisory reports of multiple issues: Heap overrun in XBM image processing jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to insta...

[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 729-1 [email protected] http://www.debian.org/security/ Martin Schulze May 26th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 729-1 [email protected] http://www.debian.org/security/ Martin Schulze May 26th, 2005 http://www.debian.org/security/faq -...

Fedora Core 2 : gdk-pixbuf-0.22.0-12.fc2 (2005-265)

David Costanzo found a bug in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name...

php security update

CentOS Errata and Security Advisory CESA-2005:406 Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache...

Moderate: Red Hat Security Advisory: PHP security update

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...

php security update

CentOS Errata and Security Advisory CESA-2005:405 Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache...

Moderate: Red Hat Security Advisory: PHP security update

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...

PHP: Multiple vulnerabilities

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version of PHP, or can run stand-alone in a CLI. Description An integer overflow and an unbound recursion were discovered in the...

Debian DSA-708-1 : php3 - missing input sanitising

An iDEFENSE researcher discovered two problems in the image processing functions of PHP, a server-side, HTML-embedded scripting language, of which one is present in PHP3 as well. When reading a JPEG image, PHP can be tricked into an endless loop due to insufficient input validation. %NASLMINLEVEL...

PHP Multiple Image Processing Functions File Handling DoS

According to its banner, the version of PHP installed on the remote host is vulnerable to a denial of service attack due to its failure to properly validate file data in the routines 'phphandleiff' and 'phphandlejpeg', which are called by the PHP function 'getimagesize'. Using a specially crafted...

gtk2 security update

CentOS Errata and Security Advisory CESA-2005:344 Updated gtk2 packages that fix a double free vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit GTK+, a library for...

Critical: Red Hat Security Advisory: thunderbird security update

Updated thunderbird packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A buffer overflow bug was found in the way Thunderbird processe...

mozilla -- heap buffer overflow in GIF image processing

A Mozilla Foundation Security Advisory states: An sic GIF processing error when parsing the obsolete Netscape extension 2 can lead to an exploitable heap overrun, allowing an attacker to run arbitrary code on the user's machine...

Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit

No description provided by source. See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77D7A145...

Cerulean Studios Trillian 3.0 - Remote .png Image File Parsing Buffer Overflow

Cerulean Studios Trillian 3.0 - Remote .png Image File Parsing Buffer Overflow source: https://www.securityfocus.com/bid/12703/info A remote buffer overflow vulnerability affects Cerulean Studios Trillian. This issue is due to a failure of the application to securely copy image data into finite...

Cerulean Studios Trillian 3.0 - Remote '.png' Image File Parsing Buffer Overflow

source: https://www.securityfocus.com/bid/12703/info A remote buffer overflow vulnerability affects Cerulean Studios Trillian. This issue is due to a failure of the application to securely copy image data into finite process buffers. An attacker may leverage this issue to execute arbitrary code...

Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow

See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77D7A145 Address of "jmp esp" in ntdll.dll...