CVE-2008-1573

Apple Mac OS X ImageIO’s BMP/GIF decoding engine is affected by CVE-2008-1573: an out-of-bounds read could disclose memory contents when processing crafted BMP or GIF images. Affected versions are Mac OS X before 10.5.3. The issue is addressed by updating to Mac OS X 10.5.3 Security Update; apply...

Debian Security Advisory DSA 591-1 (libgd2)

The remote host is missing an update to libgd2 announced via advisory DSA 591-1. OpenVAS Vulnerability Test $Id: deb5911.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 591-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Re: GDI+ and Internet Explorer question

IE has its own image decoders for many image types jpeg, ico, etc. You can trigger this bug remotely by renaming your .ico to .emf or .wmf, which forces it be opened by the Picture and Fax Viewer using GDI+. -HD On Saturday 09 June 2007 06:40, [email protected] wrote: fails to crash my Internet...

DSA-1168-1 imagemagick

Bulletin has no description...

Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

Heap-based buffer overflow in the JPEG decoder in the TIFF library libtiff before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size TiffScanLineSize...

security flaw

Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors...

Ubuntu 4.10 : lesstif1-1 vulnerabilities (USN-83-2)

USN-83-1 fixed some vulnerabilities in the 'lesstif2' library. The older 'lesstif1' library was also affected, however, a fix was not yet available at that time. This USN fixes the flaws for lesstif1. Please note that there are no supported applications that use this library, so this only affects...

Ubuntu 4.10 : lesstif1-1 vulnerabilities (USN-83-1)

Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image...

Ubuntu 4.10 : lesstif1-1 vulnerabilities (USN-92-1)

Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image...

USN-83-2: LessTif 1 vulnerabilities

USN-83-1 fixed some vulnerabilities in the "lesstif2" library. The older "lesstif1" library was also affected, however, a fix was not yet available at that time. This USN fixes the flaws for lesstif1. Please note that there are no supported applications that use this library, so this only affects...

FreeBSD : xpm -- image decoding vulnerabilities (ef253f8b-0727-11d9-b45d-000c41e2cdad)

Chris Evans discovered several vulnerabilities in the libXpm image decoder : - A stack-based buffer overflow in xpmParseColors - An integer overflow in xpmParseColors - A stack-based buffer overflow in ParsePixels and ParseAndPutPixels The X11R6.8.1 release announcement reads : This version is...

FreeBSD : gdk-pixbuf -- image decoding vulnerabilities (3d1e9267-073f-11d9-b45d-000c41e2cdad)

Chris Evans discovered several flaws in the gdk-pixbuf XPM image decoder : - Heap-based overflow in pixbufcreatefromxpm - Stack-based overflow in xpmextractcolor - Integer overflows in io-ico.c Some of these flaws are believed to be exploitable. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

USN-92-1: LessTif vulnerabilities

Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image...

GLSA-200501-19 : imlib2: Buffer overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200501-19 imlib2: Buffer overflows in image decoding Pavel Kankovsky discovered that several buffer overflows found in the libXpm library see GLSA 200409-34 also apply to imlib see GLSA 200412-03 and imlib2. He also fixed a number...

GLSA-200501-06 : tiff: New overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200501-06 tiff: New overflows in image decoding infamous41md found a potential integer overflow in the directory entry count routines of the TIFF library CAN-2004-1308. Dmitry V. Levin found another similar issue in the tiffdump...

tiff: New overflows in image decoding

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description infamous41md found a potential integer overflow in the directory entry count routines o...

[Full-Disclosure] [ GLSA 200412-03 ] imlib: Buffer overflows in image decoding

Gentoo Linux Security Advisory GLSA 200412-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

imlib: Buffer overflows in image decoding

Background imlib is an advanced replacement library for image manipulation libraries like libXpm. It is called by numerous programs, including gkrellm and several window managers, to help in displaying images. Description Pavel Kankovsky discovered that several overflows found in the libXpm libra...

GLSA-200412-03 : imlib: Buffer overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200412-03 imlib: Buffer overflows in image decoding Pavel Kankovsky discovered that several overflows found in the libXpm library see GLSA 200409-34 also applied to imlib. He also fixed a number of other potential flaws. Impact : ...

DEBIAN-CVE-2004-0782

Integer overflow in pixbufcreatefromxpm io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain ncol and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...