375 matches found
[SECURITY] Fedora Core 5 Update: gimp-2.2.14-5.fc5
GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras ...
[SECURITY] Fedora Core 6 Update: gimp-2.2.14-5.fc6
GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras ...
[SECURITY] Fedora Core 6 Update: ImageMagick-6.2.8.0-4.fc6
ImageMagickTM is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed...
imlib2: Multiple vulnerabilities
Background imlib2 is an advanced replacement for image manipulation libraries such as libXpm. It is utilized by numerous programs, including gkrellm and several window managers, to display images. Description M. Joonas Pihlaja discovered several buffer overflows in loaderargb.c, loaderpng.c,...
GIMP: Buffer overflow
Background GIMP is the GNU Image Manipulation Program. XCF is the native image file format used by GIMP. Description Henning Makholm discovered that the "xcfloadvector" function is vulnerable to a buffer overflow when loading a XCF file with a large "numaxes" value. Impact An attacker could explo...
Moderate: Red Hat Security Advisory: gimp security update
Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GIMP GNU Image Manipulation Program is an image composition and editing program. Henning Makho...
Plone 2.x - MembershipTool Access Control Bypass
Plone 2.x - MembershipTool Access Control Bypass source: https://www.securityfocus.com/bid/17484/info Plone is susceptible to a remote access-control bypass vulnerability. This issue is due to the application's failure to properly enforce privileges to various MembershipTool methods. This issue...
GraphicsMagick: Format string vulnerability
Background GraphicsMagick is a collection of tools to read, write and manipulate images in many formats. Description The SetImageInfo function was found vulnerable to a format string mishandling. Daniel Kobras discovered that the handling of "%"-escaped sequences in filenames passed to the functi...
CVE-2006-0405
The TIFFFetchShortPair function in tifdirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service application crash via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function...
QDBM, ImageMagick, GDAL: RUNPATH issues
Background QDBM is a library of routines for managing a database. ImageMagick is a collection of tools to read, write and manipulate images. GDAL is a geospatial data abstraction library. Description Some packages may introduce insecure paths into the list of directories that are searched for...
XLI, Xloadimage: Buffer overflow
Background XLI and Xloadimage are X11 image manipulation utilities. Description When XLI or Xloadimage process an image, they create a new image object to contain the new image, copying the title from the old image to the newly created image. Ariel Berkman reported that the 'zoom', 'reduce', and...
All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image Manipulation
All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image Manipulation source: https://www.securityfocus.com/bid/12779/info PhotoPost PHP Pro is a web-based image gallery application written in PHP. It can be implemented on any platform that supports PHP script execution. Multiple remo...
All Enthusiast PhotoPost PHP Pro 5.0 - 'adm-photo.php' Arbitrary Image Manipulation
source: https://www.securityfocus.com/bid/12779/info PhotoPost PHP Pro is a web-based image gallery application written in PHP. It can be implemented on any platform that supports PHP script execution. Multiple remote vulnerabilities affect All Enthusiast PhotoPost PHP Pro. These issues are due t...
xv: Filename handling vulnerability
Background xv is an interactive image manipulation package for X11. Description Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the handling of image filenames by xv. Impact Successful exploitation would require a victim to process a specially crafted image with a...
Ikonboard crossite scripting
IMGjavascript:alertdocument.cookie.gif/IMG, Photo/javascript:alertdocument.cookie URL, Photo, X-Forwarded-For scripting...