131 matches found
CVE-2017-9196
CVE-2017-9196 affects AutoTrace 0.31.1 via the libautotrace.a library. The ReadImage function in input-tga.c at line 528:7 contains a negative-size-param vulnerability that is described as a heap/buffer issue. Public sources (CNVD and related analyses) indicate this flaw could allow an attacker t...
CVE-2017-9176
CVE-2017-9176 affects AutoTrace 0.31.1, specifically the libautotrace.a library. The vulnerability arises in the ReadImage function of input-bmp.c (line 370:25), leading to an invalid write and a segmentation fault, which can cause a denial of service. The included references indicate both NVD an...
CVE-2017-9176
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid write and SEGV, related to the ReadImage function in input-bmp.c:370:25...
PT-2017-18776 · None +2 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 ALT Linux affected versions not specified Description: The issue is related to a heap-based buffer over-read in the ReadImage function. This function is located in the input-tga.c file. The estimated number of...
PT-2017-18777 · Autotrace +1 · Autotrace +2
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 ALT Linux affected versions not specified Description: The issue is related to a heap-based buffer over-read in the ReadImage function, located in input-tga.c. This function is part of the libautotrace.a library in...
PT-2017-18761 · Autotrace +1 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid read and SEGV. This is related to the ReadImage function in input-bmp.c. Recommendations: For AutoTrace version...
PT-2017-18760 · Autotrace +1 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid write and SEGV. This is related to the ReadImage function in input-bmp.c. Recommendations: For AutoTrace version...
PT-2017-18752 · Autotrace +1 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is related to a heap-based buffer overflow in the ReadImage function, located in the input-bmp.c file. This overflow occurs at line 370, column 25, and is associated with the libautotrace.a...
PT-2017-18759 · Autotrace +1 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid read and SEGV. This is related to the ReadImage function in input-bmp.c. Recommendations: For AutoTrace version...
PT-2017-18753 · Autotrace +1 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is related to a heap-based buffer over-read in the ReadImage function, located in the input-bmp.c file. This function is part of the libautotrace.a library in AutoTrace. Recommendations: For...
CVE-2016-0483
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not...
CVE-2016-0483
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not...
CVE-2016-0483
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not...
Oracle Solaris Third-Party Patch Update : gimp (multiple_vulnerabilities_in_gimp)
The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file,...
CVE-2012-3481
CVE-2012-3481 affects GIMP (GIF image format plug-in) version 2.8.x and earlier, where an integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c can be triggered by crafted height and len properties in a GIF file. This heap-based buffer overflow enables a remote attacker to...
plug-in): Heap-based buffer overflow by loading certain GIF images
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted height and len properties in a GIF image...
DEBIAN-CVE-2009-1570
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow...
CVE-2009-1570
Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow...
Mandriva Linux Security Advisory : tk (MDVSA-2008:041)
The ReadImage function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
tk: GIF handling buffer overflow
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk Tcl/Tk before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484...