CVE-2009-0723

Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...

RedHat Update for cairo RHSA-2007:1078-02

Check for the Version of cairo OpenVAS Vulnerability Test RedHat Update for cairo RHSA-2007:1078-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora Update for GraphicsMagick FEDORA-2007-1340

Check for the Version of GraphicsMagick OpenVAS Vulnerability Test Fedora Update for GraphicsMagick FEDORA-2007-1340 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

OpenJDK Buffer overflow in image processing (6726779)

Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...

OpenJDK Buffer overflow in image processing (6726779)

Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...

OpenJDK Buffer overflow in image processing (6726779)

Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...

OpenJDK Buffer Overflow in GIF image processing (6766136)

Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll...

OpenJDK Buffer overflow in image processing (6726779)

Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...

Sun Java JRE Multiple Vulnerabilities (244986 et al)

The version of Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 11 / 5.0 Update 17 / 1.4.219 / 1.3.124. Such versions are potentially affected by the following security issues : - The JRE creates temporary files with insufficiently random names. 244986 - Ther...

[SECURITY] Fedora 10 Update: imlib2-1.4.2-2.fc10

Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...

[SECURITY] Fedora 9 Update: imlib2-1.4.0-7.fc9

Imlib 2 is a library that does image file loading and saving as well as rendering, manipulation, arbitrary polygon support, etc. It does ALL of these operations FAST. Imlib2 also tries to be highly intelligent about doing them, so writing naive programs can be done easily, without sacrificing...

Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities

Overview The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service DoS. Impact An attacker could cause a Denial of Service DoS or execute arbitrary code. Solution Please refer to the 'Vendor Information' section for official...

Design/Logic Flaw

Multiple unspecified vulnerabilities in the JPEG GDI+ and GIF image processing in Microsoft Windows CE 5.0 allow remote attackers to execute arbitrary code via crafted 1 JPEG and 2 GIF images...

CVE-2008-2160

CVE-2008-2160 affects Microsoft Windows CE 5.0, specifically the JPEG (GDI+) and GIF image processing components. The vulnerability allows remote code execution via crafted JPEG/GIF images. The provided documents do not include concrete exploit details or a confirmed remediation; one source notes...

Blender: Multiple vulnerabilities

Background Blender is a 3D creation, animation and publishing program. Description Stefan Cornelius Secunia Research reported a boundary error within the imbloadhdr function in in the file source/blender/imbuf/intern/radiancehdr.c when processing RGBE images CVE-2008-1102. Multiple vulnerabilitie...

libpng: Execution of arbitrary code

Background libpng is a free ANSI C library used to process and manipulate PNG images. Description Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call...

openSUSE 10 Security Update : opera (opera-5154)

A flaw when processing images could crash opera. Attackers could potentially even exploit that to execute code. This update upgrades opera to version 9.27 to fix the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Integer overflow

Multiple integer overflows in 1 filter/image-png.c and 2 filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service crash and trigger memory corruption, as demonstrated via a crafted PNG image...

Sun Java JRE Multiple Vulnerabilities (233321-233327)

The version of Sun Java Runtime Environment JRE installed on the remote host is affected by one or more security issues : - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges 233321. - When processing XS...

Core Security Technologies Advisory 2008.0124

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Multiple vulnerabilities in Google's Android SDK Advisory Information Title: Multiple vulnerabilities in Google's Android SDK Advisory ID: CORE-2008-0124 Advisory URL:...