927 matches found
Opera Web浏览器位图文件RLE远程拒绝服务漏洞
BUGTRAQ ID: 26721 Opera是一款流行的WEB浏览器,支持多种平台。 Opera在处理畸形的BMP文件时存在漏洞,可能导致系统一定时间的性能大幅下降。 BMP文件允许游程长度编码4位和8位的位图。BMP格式中所使用的RLE有一些额外的功能,如移动到其他行和列的写指针(00 02 XX YY)。Opera实现00 02 XX YY功能的算法过于缓慢,正常解压算法是将XX和YY width添加到写指针,而Opera的实现要执行XX + YY width递增,每次递增都要执行自己的检查和其他计算。 攻击者可以创建最大宽度(约32000像素)的BMP文件,用00 02 FF F...
Microsoft DirectX RLE压缩Targa图形文件堆溢出漏洞
BUGTRAQ ID: 24963 CVECAN ID: CVE-2006-4183 Microsoft DirectX是一个API集,用于在Windows操作系统上处理有关游戏编程的任务。 DirectX库打开RLE压缩的Targa格式图形文件的方式存在堆溢出漏洞,远程攻击者可能利用此漏洞通过诱使用户处理畸形文件控制用户系统。...
iDefense Security Advisory 07.18.07: Microsoft DirectX RLE Compressed Targa Image File Heap Overflow
Microsoft DirectX RLE Compressed Targa Image File Heap Overflow iDefense Security Advisory 07.18.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 18, 2007 I. BACKGROUND Microsoft DirectX is a collection of APIs for easily handling tasks related to game programming on the Microsoft...
CVE-2006-4183
Heap-based buffer overflow in Microsoft DirectX SDK February 2006 and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding RLE compression that produces more data than expected when...
Buffer overflow
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted 1 BMP, 2 DIB, or 3 RLE file...
CVE-2007-2244
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted 1 BMP, 2 DIB, or 3 RLE file...
CVE-2007-2244
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted 1 BMP, 2 DIB, or 3 RLE file...
CVE-2007-2244
CVE-2007-2244 corresponds to multiple buffer overflows in Adobe products (Photoshop CS2/CS3, Illustrator CS3, GoLive 9) that can be triggered by BMP, DIB, or RLE images, as noted by NVD with a high CVSS v2 score (9.3). Connected OpenVAS entries (APSB07-16) describe Adobe Illustrator-specific Wind...
FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption
// source: https://www.securityfocus.com/bid/23312/info FastStone Image Viewer is prone to multiple denial-of-service vulnerabilities because the application fails to properly handle malformed BMP image files. Successfully exploiting these issues allows attackers to crash the affected application...
Mandrake Linux Security Advisory : wxGTK2 (MDKSA-2004:111)
Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities : Chris Evans discovered several problems in the RLE run length encoding decoders that could lead to arbitrary code execution. CVE-2004-0803 Matthias Clase...
Mandrake Linux Security Advisory : imlib2 (MDKSA-2006:198-1)
M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an...
Mandrake Linux Security Advisory : libtiff (MDKSA-2006:137)
Tavis Ormandy, Google Security Team, discovered several vulnerabilities the libtiff image processing library : Several buffer overflows have been discovered, including a stack buffer overflow via TIFFFetchShortPair in tifdirread.c, which is used to read two unsigned shorts from the input file...
libTIFF: Multiple vulnerabilities
Background libTIFF provides support for reading and manipulating TIFF images. Description Tavis Ormandy of the Google Security Team discovered several heap and stack buffer overflows and other flaws in libTIFF. The affected parts include the TIFFFetchShortPair, TIFFScanLineSize and...
CVE-2006-3462
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...
CVE-2006-3462
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...
CVE-2006-3462
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...
DEBIAN-CVE-2006-3462
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...
CVE-2006-3462
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...
CVE-2006-3462
The CVE-2006-3462 issue is a heap-based buffer overflow in the NeXT RLE decoder of libtiff (libtiff) prior to 3.8.2. It may allow context-dependent attackers to execute arbitrary code when decoding large RLE images. Connected documents confirm libtiff in affected packages and reference updates th...
CVE-2006-3462
Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...