Windows Photo Viewer prints white lines when you use an XPS driver to print photos in Windows

Windows Photo Viewer prints white lines when you use an XPS driver to print photos in Windows Symptoms Consider the following scenario: You install update 2670838 on a computer that is running Windows 7 or Windows Server 2008 R2. Or, you are using a computer that is running Windows RT, Windows 8,...

python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c

A flaw was discovered in python-pillow does where it does not properly restrict operations within the bounds of a memory buffer when decoding PCX images. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the...

CVE-2020-5311

An out-of-bounds write flaw was discovered in python-pillow in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system...

Denial Of Service (DoS)

pillow is vulnerable to denial of service DoS. The vulnerability exists as there was a lack of sanity check on xsize when decoding Pcx images with the P mode...

UBUNTU-CVE-2020-5313

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow...

UBUNTU-CVE-2020-5312

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow...

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2019-2528)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2decodegrayscaleimage...

Design/Logic Flaw

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

UBUNTU-CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

CVE-2019-7443

KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes thi...

MGASA-2019-0083 Updated kauth packages fix security vulnerability

KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugins...

UBUNTU-CVE-2016-9572

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image...

UBUNTU-CVE-2016-9600

JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash...

UBUNTU-CVE-2018-7173

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding...

openSUSE Security Update : libjpeg-turbo (openSUSE-2017-1218)

This update for libjpeg-turbo to version 1.5.2 fixes the following issues : - CVE-2017-15232: NULL pointer dereference in jdpostct.c and jquant1.c boo1062937 This compatible version update contains the following improvements : - Improved and updated upsampling support and sampling factors - Memor...

UBUNTU-CVE-2017-12863

In opencv/modules/imgcodecs/src/grfmtpxm.cpp, function PxMDecoder::readData has an integer overflow when calculate srcpitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier...

Adobe Flash - Image Decoding Out-of-Bounds Read Exploit

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:...

Adobe Flash - Image Decoding Out-of-Bounds Read

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit: http://127.0.0.1/LoadImage.swf=read1.png Proof of Concept:...

Adobe Flash - Image Decoding Out-of-Bounds Read

Adobe Flash - Image Decoding Out-of-Bounds Read Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1215 The attached png file causes an out-of-bounds read when being decoded by flash. To reproduce the issue, put LoadImage.swf and read1.png on a server, and visit:...