Lucene search

137 matches found

SUSE CVE
added 2023/02/15 6:20 a.m. · 1 view

SUSE CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files...

CVSS 7.5 · AI score 8.2 · EPSS 0.17883
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 5:17 a.m. · 3 views

SUSE CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file...

CVSS 6.8 · AI score 6.7 · EPSS 0.05715
Exploits: 1 · References: 5

SUSE CVE
added 2023/02/15 4:43 a.m. · 3 views

SUSE CVE-2017-11352

In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144...

CVSS 6.5 · AI score 8.9 · EPSS 0.00979
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 4:13 a.m. · 1 view

SUSE CVE-2019-11006

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet...

CVSS 4.4 · AI score 6.7 · EPSS 0.01406
Exploits: 1 · References: 5

SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-36354

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...

CVSS 5.3 · AI score 7.1 · EPSS 0.00235
Exploits: 1 · References: 6

OSV
added 2022/12/22 10:15 p.m. · 1 view

DEBIAN-CVE-2022-36354

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...

CVSS 5.3 · AI score 7.1 · EPSS 0.00235
Exploits: 1 · References: 1

OSV
added 2022/12/22 10:15 p.m. · 0 views

UBUNTU-CVE-2022-36354

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...

CVSS 5.3 · AI score 7.3 · EPSS 0.00235
Exploits: 1 · References: 3

CNNVD
added 2022/12/22 12:00 a.m. · 1 view

OpenImageIO buffer error vulnerability

OpenImageIO is an image read and write library that also provides several tools and applications. OpenImageIO v2.3.19.0 is vulnerable to a heap out-of-bounds write vulnerability when processing RLE-encoded BMP images. An attacker could exploit this vulnerability to write arbitrary out-of-bounds...

CVSS 9.8 · AI score 7.9 · EPSS 0.02111
Exploits: 1 · References: 6

Positive Technologies
added 2022/05/25 12:00 a.m. · 2 views

PT-2022-3459 · Pillow · Pillow

Name of the Vulnerable Software and Affected Versions: Pillow version 9.1.0 Description: The issue is related to a heap buffer overflow in the processing of invalid TGA image files. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected...

CVSS 10 · AI score 8 · EPSS 0.02781
Exploits: 1 · References: 29

OSV
added 2022/05/24 5:00 p.m. · 3 views

GHSA-CJW4-2W9R-R8MV Missing Initialization of Resource in Apache Arrow

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

CVSS 8.7 · AI score 5.8 · EPSS 0.05281
Exploits: 0 · References: 8

RedHat Linux
added 2021/11/09 5:42 p.m. · 1 view

python-pillow: Buffer over-read in SGI RLE image reader

A flaw was found in python-pillow. SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

CVSS 5.8 · AI score 7.4 · EPSS 0.00165
Exploits: 0 · References: 5

OSV
added 2021/10/21 7:15 p.m. · 1 view

DEBIAN-CVE-2021-42715

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...

CVSS 5.5 · AI score 6.1 · EPSS 0.00177
Exploits: 0 · References: 1

OSV
added 2021/10/21 7:15 p.m. · 0 views

UBUNTU-CVE-2021-42715

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...

CVSS 5.5 · AI score 7.1 · EPSS 0.00177
Exploits: 0 · References: 4

Positive Technologies
added 2021/10/07 12:00 a.m. · 1 view

PT-2021-7979 · Unknown +3 · Stb Image.H +3

Name of the Vulnerable Software and Affected Versions: stb image.h versions 1.33 through 2.27 Description: The issue is related to the HDR loader in stb image.h, which parses truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. This could allow a remote attacker to cau...

CVSS 8.8 · AI score 5.9 · EPSS 0.01116
Exploits: 6 · References: 77

OSV
added 2021/09/28 4:15 p.m. · 1 view

CVE-2021-29362

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa30 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

CVSS 7.8 · AI score 6.3
Exploits: 0 · References: 1

OSV
added 2021/09/28 4:15 p.m. · 0 views

CVE-2021-29363

A buffer overflow vulnerability in FORMATS!ReadRASW+0xa74 of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

CVSS 7.8 · AI score 7.6
Exploits: 0 · References: 1

OSV
added 2021/09/28 4:15 p.m. · 1 view

CVE-2021-29360

A buffer overflow vulnerability in FORMATS!ReadUtahRLE+0x37a of Irfanview 4.57 allows attackers to execute arbitrary code via a crafted RLE file...

CVSS 7.8 · AI score 6.3 · EPSS 0.00652
Exploits: 0 · References: 1

CNNVD
added 2021/09/28 12:00 a.m. · 2 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

CVSS 7.8 · AI score 8.2 · EPSS 0.00652
Exploits: 0 · References: 2

CNNVD
added 2021/09/28 12:00 a.m. · 3 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code via specially crafted RLE files...

CVSS 7.8 · AI score 8.2 · EPSS 0.00652
Exploits: 0 · References: 2

CNNVD
added 2021/09/28 12:00 a.m. · 2 views

IrfanView buffer error vulnerability

IrfanView is an image viewer that supports image browsing, image editing, image format conversion, etc. Irfanview is vulnerable to a buffer error that can be exploited by attackers to execute arbitrary code via a crafted RLE file...

CVSS 7.8 · AI score 8.2 · EPSS 0.00652
Exploits: 0 · References: 2