33 matches found
PYSEC-2020-91
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
Design/Logic Flaw
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
CVE-2020-10571
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
CVE-2020-10571
The CVE-2020-10571 issue affects psd-tools prior to v1.9.4, where the Cython implementation of RLE decoding fails to validate input data. This can be triggered by malicious or malformed PSD input, with documented advisories describing a related buffer overflow scenario when the Cython path is use...
Fedora 22 : libwmf-0.2.8.4-45.fc22 (2015-10627)
CVE-2015-0848: heap overflow when decoding BMP images; CVE-2015-4588: RLE decoding doesn't check that the 'count' fits into the image; CVE-2015-4695: metapencreate heap buffer overflow; CVE-2015-4696: wmf2gd/wmf2eps use after free. Note that Tenable Network Security has extracted the preceding descriptio...
[SECURITY] [DLA 253-1] libwmf security update
Package : libwmf Version : 0.2.8.4-6.2+deb6u1 CVE ID : CVE-2015-0848 CVE-2015-4588 Debian Bug : 787644 The following vulnerabilities were discovered in the Windows Metafile conversion library when reading BMP images embedded into WMF files: CVE-2015-0848 A heap overflow when decoding embedded BMP...
Debian DLA-253-1 : libwmf security update
The following vulnerabilities were discovered in the Windows Metafile conversion library when reading BMP images embedded into WMF files : CVE-2015-0848 A heap overflow when decoding embedded BMP images that don't use 8 bits per pixel. CVE-2015-4588 A missing check in the RLE decoding of embedded...
Updated tigervnc packages fix CVE-2014-0011
Updated tigervnc packages fix security vulnerability: A heap-based buffer overflow was found in the way vncviewer rendered certain screen images from a vnc server. If a user could be tricked into connecting to a malicious vnc server, it may cause the vncviewer to crash, or could possibly execute...
ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability
ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-296 October 26, 2011 -- CVE ID: CVE-2011-2438 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Reader --...
Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image...
Mandrake Linux Security Advisory : imlib2 (MDKSA-2007:156)
M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...
Mandrake Linux Security Advisory : imlib2 (MDKSA-2006:198-1)
M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...