1097 matches found
xloadimage buffer overflow.
Hi, While creating a stripped down version of xloadimage, I have discovered three buffer overflows in xloadimage when handling the image title name. Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file...
xloadimage -- buffer overflows in NIFF image title handling
Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. ...
DSA-714-1 kdelibs - several
Bulletin has no description...
[KDE Security Advisory]: kimgio input validation errors
KDE Security Advisory: kimgio input validation errors Original Release Date: 2005-04-21 URL: http://www.kde.org/info/security/advisory-20050421-1.txt 0. References http://bugs.kde.org/102328 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 1. Systems affected: kdelibs as shipped with K...
DEBIAN-CVE-2005-0406
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image...
Microsoft Windows Media Player Remote PNG Image Format Buffer Overflow Vulnerability
Description A remote buffer overflow vulnerability affects the Portable Network Graphics PNG image format processing functionality of Microsoft Windows Media Player. This issue is due to a failure of the application to properly validate the size of image data prior to copying it into static proce...
openmotif21 stack overflows in libxpm
Multiple integer overflows in 1 the xpmParseColors function in parse.c, 2 XpmCreateImageFromXpmImage, 3 CreateXImage, 4 ParsePixels, and 5 ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file...
DEBIAN-CVE-2004-0782
Integer overflow in pixbufcreatefromxpm io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain ncol and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...
Fedora Core 2 : libtiff-3.5.7-20.2 (2004-334)
The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for bitmapped images. During a source code audit, Chris Evans discovered a number of integer overflow bugs that affect libtiff. An attacker who...
openmotif21 stack overflows in libxpm
Multiple integer overflows in 1 the xpmParseColors function in parse.c, 2 XpmCreateImageFromXpmImage, 3 CreateXImage, 4 ParsePixels, and 5 ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file...
openmotif21 stack overflows in libxpm
Multiple stack-based buffer overflows in 1 xpmParseColors in parse.c, 2 ParseAndPutPixels in create.c, and 3 ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file...
CVE-2004-0691
Heap-based buffer overflow in the BMP image format parser for the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code...
libpng png_handle_sBIT() performs insufficient bounds checking
Overview The Portable Network Graphics library libpng contains a flaw that could introduce a remotely exploitable vulnerability. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphics Interchange Format GIF. The libpng...
RHEL 2.1 : libpng (RHSA-2002:152)
Updated libpng packages are available that fix a buffer overflow vulnerability. The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. Versions of libpng prio...
Opera Images (GM#004-OP)
GreyMagic Security Advisory GM004-OP ===================================== By GreyMagic Software, Israel. 04 Feb 2003. Available in HTML format at http://security.greymagic.com/adv/gm004-op/. Topic: Opera Images. Discovery date: 29 Jan 2003. Affected applications: ====================== Opera 7...
Important: Red Hat Security Advisory: libpng security update
Updated libpng packages are available which fix a buffer overflow vulnerability. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a...
PT-2004-3705 · Debian +1 · Lesstif-Bin +6
Name of the Vulnerable Software and Affected Versions: lesstif-dev affected versions not specified lesstif-bin affected versions not specified lesstif1 affected versions not specified lesstif-dbg affected versions not specified lesstif-doc affected versions not specified libXpm versions prior to...