Lucene search
K

39 matches found

Prion
Prion
added 2015/12/15 9:59 p.m.13 views

Buffer overflow

Multiple buffer overflows in Autodesk Design Review ADR before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a 1 BMP or 2 FLI file, 3 encoded scan lines in a PCX file, or 4 DataSubBlock or 5 GlobalColorTable in a GIF file...

6.8CVSS8.2AI score0.03751EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2015/12/15 9:0 p.m.67 views

CVE-2015-8572

CVE-2015-8572 affects Autodesk Design Review (ADR). Public details describe multiple buffer overflow vulnerabilities in ADR prior to the 2013 Hotfix 2, exploitable via crafted image data: (1) BMP or (2) FLI files, (3) encoded scan lines in PCX files, or (4) DataSubBlock or (5) GlobalColorTable in...

6.8CVSS7.7AI score0.03751EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2015/12/15 9:0 p.m.33 views

CVE-2015-8572

Multiple buffer overflows in Autodesk Design Review ADR before 2013 Hotfix 2 allow remote attackers to execute arbitrary code via crafted RLE data in a 1 BMP or 2 FLI file, 3 encoded scan lines in a PCX file, or 4 DataSubBlock or 5 GlobalColorTable in a GIF file...

7.6AI score0.03751EPSS
Exploits0References6
CNVD
CNVD
added 2015/12/10 12:0 a.m.5 views

Autodesk Design Review FLI RLE Remote Code Execution Vulnerability

Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of FLI files due to a failure to ensure that execution length encoded data is written outside of an allocated buffer. An attacker could exploit this vulnerability to execute...

6.8CVSS7.7AI score0.03751EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.10 views

Trimble Navigation SketchUp BMP File Code Execution - Ver2 (CVE-2013-3663)

A remote code execution vulnerability exists in Trimble Navigation's SketchUp. The vulnerability is due to a heap buffer overflow while processing BMP files which contain malicious RLE data. Remote unauthenticated attackers can exploit this vulnerability by enticing a target user to open a...

9.3CVSS8AI score0.31864EPSS
Exploits1
NVD
NVD
added 2013/12/07 9:55 p.m.24 views

CVE-2013-0852

The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...

9.3CVSS6.6AI score0.02108EPSS
Exploits0References3
Prion
Prion
added 2013/12/07 9:55 p.m.16 views

Out-of-bounds

The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...

9.3CVSS6.9AI score0.02108EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2013/12/07 9:55 p.m.26 views

CVE-2013-0852

The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...

9.3CVSS7.3AI score0.02108EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2013/12/07 9:0 p.m.41 views

CVE-2013-0852

The parsepicturesegment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access...

9.3CVSS8.7AI score0.02108EPSS
Exploits0
NVD
NVD
added 2013/06/10 3:19 a.m.19 views

CVE-2013-3670

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

4.3CVSS6.8AI score0.01357EPSS
Exploits0References3
OSV
OSV
added 2013/06/10 3:19 a.m.7 views

CVE-2013-3670

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

7AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2013/06/10 3:19 a.m.30 views

CVE-2013-3670

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

4.3CVSS7.2AI score0.01357EPSS
Exploits0References2
Prion
Prion
added 2013/06/10 3:19 a.m.16 views

Out-of-bounds

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

4.3CVSS7.3AI score0.01357EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2013/03/09 11:55 a.m.21 views

Out-of-bounds

The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...

7.5CVSS7.9AI score0.01371EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2013/03/09 11:1 a.m.25 views

CVE-2013-2496

The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...

7.5CVSS7.3AI score0.01371EPSS
Exploits0
NVD
NVD
added 2008/10/14 9:10 p.m.18 views

CVE-2008-3639

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

7.5CVSS7.7AI score0.04403EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2008/10/14 9:10 p.m.36 views

CVE-2008-3639

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

7.5CVSS7.7AI score0.04403EPSS
Exploits0References2
Prion
Prion
added 2008/10/14 9:10 p.m.28 views

Heap overflow

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

7.5CVSS7.9AI score0.04403EPSS
Exploits0References28Affected Software1
Cvelist
Cvelist
added 2008/10/14 8:0 p.m.34 views

CVE-2008-3639

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

7.9AI score0.04403EPSS
Exploits0References28
Rows per page
Query Builder