171 matches found
Leadtools Image Parser Animated Icon Code Execution Vulnerability
Summary: An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions: Leadtools ...
DEBIAN-CVE-2020-9489
A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade ...
Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-13500)
Accusoft ImageGear is a software development kit (SDK) for image processing from Accusoft, USA. A buffer overflow vulnerability exists in the PNG raster image parser in Accusoft ImageGear version 19.5.0. The vulnerability can be exploited by an attacker to execute code with the help of a specially...
LEADTOOLS TIF ImageWidth code execution vulnerability
Summary: An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a...
UBUNTU-CVE-2019-15139
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash) resulting from an out-of-bounds read in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability th...
UBUNTU-CVE-2016-8729
An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to...
Vulnerability in the JPEG parser of PDF editing software like Adobe Acrobat Document Cloud, Adobe Acrobat, and PDF viewing software like Adobe Reader, Foxit Reader, Adobe Reader Document Cloud, allowing attackers to execute arbitrary code.
The vulnerability in the JPEG parser of PDF editing software like Adobe Acrobat Document Cloud, Adobe Acrobat, and PDF viewing software like Adobe Reader and Foxit Reader arises due to an operation going beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor to...
CVE-2017-3077
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution...
KLA11041 Arbitrary code execution vulnerabilities in Adobe Flash Player
Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code. 1. A use-after-free vulnerability related to manipulating the ActionScript 2 XML class can be exploited remotely to execute arbitrary code; 2. A...
IrfanView JPEG 2000 Reference Tile Width Arbitrary Code Execution Vulnerability
Summary: An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation...
DEBIAN-CVE-2015-5162
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image...
Design/Logic Flaw
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image...
CVE-2015-5162
CVE-2015-5162 affects OpenStack components OpenStack Cinder, Glance, and Nova where the image parser does not properly limit qemu-img calls. This can allow an unprivileged user to trigger a denial of service through crafted disk images, consuming RAM and disk space on the compute host. Affected v...
PT-2016-3669 · Openstack +2 · Openstack Nova +4
Name of the Vulnerable Software and Affected Versions: OpenStack Cinder versions 7.0.0 through 7.0.1 and 8.0.0 through 8.1.1 and prior to 9.0.0; OpenStack Glance versions prior to 11.0.1 and 12.0.0 and prior to 14.0.0; OpenStack Nova versions prior to 12.0.4 and 13.0.0. Description: The image parser...
CVE-2015-5162
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image...
UBUNTU-CVE-2015-5162
The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0; and Nova before 12.0.4 and 13.0.0 does not properly limit qemu-img calls, which might allow attackers to cause a denial of service (memory and disk consumption) via a crafted disk image...
OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...