Lucene search
K

927 matches found

seebug.org
seebug.org
added 2007/12/09 12:0 a.m.38 views

Opera Web浏览器位图文件RLE远程拒绝服务漏洞

BUGTRAQ ID: 26721 Opera是一款流行的WEB浏览器,支持多种平台。 Opera在处理畸形的BMP文件时存在漏洞,可能导致系统一定时间的性能大幅下降。 BMP文件允许游程长度编码4位和8位的位图。BMP格式中所使用的RLE有一些额外的功能,如移动到其他行和列的写指针(00 02 XX YY)。Opera实现00 02 XX YY功能的算法过于缓慢,正常解压算法是将XX和YY width添加到写指针,而Opera的实现要执行XX + YY width递增,每次递增都要执行自己的检查和其他计算。 攻击者可以创建最大宽度(约32000像素)的BMP文件,用00 02 FF F...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2007/07/20 12:0 a.m.47 views

Microsoft DirectX RLE压缩Targa图形文件堆溢出漏洞

BUGTRAQ ID: 24963 CVECAN ID: CVE-2006-4183 Microsoft DirectX是一个API集,用于在Windows操作系统上处理有关游戏编程的任务。 DirectX库打开RLE压缩的Targa格式图形文件的方式存在堆溢出漏洞,远程攻击者可能利用此漏洞通过诱使用户处理畸形文件控制用户系统。...

6.8CVSS6.4AI score0.08163EPSS
Exploits1
securityvulns
securityvulns
added 2007/07/19 12:0 a.m.54 views

iDefense Security Advisory 07.18.07: Microsoft DirectX RLE Compressed Targa Image File Heap Overflow

Microsoft DirectX RLE Compressed Targa Image File Heap Overflow iDefense Security Advisory 07.18.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 18, 2007 I. BACKGROUND Microsoft DirectX is a collection of APIs for easily handling tasks related to game programming on the Microsoft...

6.8CVSS7.2AI score0.08163EPSS
Exploits1
NVD
NVD
added 2007/07/18 11:30 p.m.20 views

CVE-2006-4183

Heap-based buffer overflow in Microsoft DirectX SDK February 2006 and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding RLE compression that produces more data than expected when...

6.8CVSS7.7AI score0.08163EPSS
Exploits1References8
Prion
Prion
added 2007/04/25 4:19 p.m.20 views

Buffer overflow

Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted 1 BMP, 2 DIB, or 3 RLE file...

9.3CVSS8AI score0.35388EPSS
Exploits1References18Affected Software3
NVD
NVD
added 2007/04/25 4:19 p.m.21 views

CVE-2007-2244

Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted 1 BMP, 2 DIB, or 3 RLE file...

9.3CVSS7.5AI score0.35388EPSS
Exploits1References18
Cvelist
Cvelist
added 2007/04/25 4:0 p.m.26 views

CVE-2007-2244

Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted 1 BMP, 2 DIB, or 3 RLE file...

7.5AI score0.35388EPSS
Exploits1References18
CVE
CVE
added 2007/04/25 4:0 p.m.72 views

CVE-2007-2244

CVE-2007-2244 corresponds to multiple buffer overflows in Adobe products (Photoshop CS2/CS3, Illustrator CS3, GoLive 9) that can be triggered by BMP, DIB, or RLE images, as noted by NVD with a high CVSS v2 score (9.3). Connected OpenVAS entries (APSB07-16) describe Adobe Illustrator-specific Wind...

9.3CVSS7.5AI score0.35388EPSS
Exploits1References18Affected Software3
Exploit DB
Exploit DB
added 2007/04/04 12:0 a.m.24 views

FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption

// source: https://www.securityfocus.com/bid/23312/info FastStone Image Viewer is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issues allows attackers to crash the affected application...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.37 views

Mandrake Linux Security Advisory : wxGTK2 (MDKSA-2004:111)

Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities : Chris Evans discovered several problems in the RLE run length encoding decoders that could lead to arbitrary code execution. CVE-2004-0803 Matthias Clase...

7.5CVSS5.7AI score0.08268EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.25 views

Mandrake Linux Security Advisory : imlib2 (MDKSA-2006:198-1)

M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...

5.1CVSS5.8AI score0.04205EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/12/16 12:0 a.m.35 views

Mandrake Linux Security Advisory : libtiff (MDKSA-2006:137)

Tavis Ormandy, Google Security Team, discovered several vulnerabilities the libtiff image processing library : Several buffer overflows have been discovered, including a stack buffer overflow via TIFFFetchShortPair in tifdirread.c, which is used to read two unsigned shorts from the input file...

7.8CVSS8.7AI score0.53046EPSS
Exploits13References7
Gentoo Linux
Gentoo Linux
added 2006/08/04 12:0 a.m.45 views

libTIFF: Multiple vulnerabilities

Background libTIFF provides support for reading and manipulating TIFF images. Description Tavis Ormandy of the Google Security Team discovered several heap and stack buffer overflows and other flaws in libTIFF. The affected parts include the TIFFFetchShortPair, TIFFScanLineSize and...

7.8CVSS6.9AI score0.53046EPSS
Exploits13
UbuntuCve
UbuntuCve
added 2006/08/03 1:4 a.m.35 views

CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.5CVSS7.5AI score0.05218EPSS
Exploits1References2
NVD
NVD
added 2006/08/03 1:4 a.m.19 views

CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.5CVSS7.5AI score0.05218EPSS
Exploits1References47
OSV
OSV
added 2006/08/03 1:4 a.m.9 views

CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.6AI score
Exploits0References48
OSV
OSV
added 2006/08/03 1:4 a.m.3 views

DEBIAN-CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.5CVSS8.4AI score0.05218EPSS
Exploits1References1
Cvelist
Cvelist
added 2006/08/03 1:0 a.m.24 views

CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.5AI score0.05218EPSS
Exploits1References47
CVE
CVE
added 2006/08/03 1:0 a.m.74 views

CVE-2006-3462

The CVE-2006-3462 issue is a heap-based buffer overflow in the NeXT RLE decoder of libtiff (libtiff) prior to 3.8.2. It may allow context-dependent attackers to execute arbitrary code when decoding large RLE images. Connected documents confirm libtiff in affected packages and reference updates th...

7.5CVSS7.4AI score0.05218EPSS
Exploits1References47Affected Software1
Debian CVE
Debian CVE
added 2006/08/03 1:0 a.m.32 views

CVE-2006-3462

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.5CVSS7.4AI score0.05218EPSS
Exploits1
Rows per page
Query Builder