147 matches found
CVE-2017-10743
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun /GS Exception starting at ntdll77df0000!LdrpInitializeNode+0x000000000000015b."...
CVE-2017-10735
IrfanView version 4.44 32bit might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!RtlpFreeHeap+0x00000000000003ca."...
ImageMagick 'coders/rle.c' Denial of Service Vulnerability
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in ImageMagick version 7.0.5-5, which stems from the program's failure to...
The vulnerability of the console-based graphic editor ImageMagick and the operating system OpenSUSE Leap allows a hacker to trigger a service failure.
The vulnerability of the ReadRLEImage function in the console-based image editing tool ImageMagick and the operating system OpenSUSE Leap is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability allows an attacker to cause a service failure application termination by...
DEBIAN-CVE-2015-8870
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service heap-based buffer over-read, or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file...
Autodesk Design Review BMP RLE Remote Code Execution Vulnerability
Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of BMP files due to a failure to ensure that run-length encoded data is written outside of an allocated buffer. An attacker could exploit this vulnerability to execute arbitrar...
libwmf: heap overflow within the RLE decoding of embedded BMP images
It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileg...
openSUSE Security Update : libwmf (openSUSE-2015-444)
libwmf was updated to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file with BMP portions in a libwmf based application could have executed arbitrary code with the user's privileges...
UBUNTU-CVE-2014-9853
Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service memory consumption via a crafted rle file...
DEBIAN-CVE-2013-3670
The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...
DEBIAN-CVE-2013-2496
The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...
PT-2011-3363 · Gnu +1 · Gimp +1
Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.11 Description: The issue is related to a heap-based buffer overflow in the read channel data function in the Paint Shop Pro PSP plugin. This can be triggered by a PSP COMP RLE aka RLE compression image file that begins a lon...
Adobe Reader Image Texture Malformed IFF File Memory Corruption (APSB11-03; CVE-2011-0590)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. Adobe Acrobat and Reader products include a plugin to parse the 3D image files inside PDF documents. PDF files can include 3D images in Universal 3D format that can link to external image files, such as an Interchange...
CVE-2010-4538
Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...
Buffer overflow
Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...
CVE-2010-4538
Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...
CVE-2010-4538
Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...
PT-2010-2050 · Microsoft · Directshow +8
Name of the Vulnerable Software and Affected Versions: Microsoft DirectX versions prior to the fixed version Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista Gold, SP1, and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2...
Microsoft GDI+ TIFF Memory Corruption (MS09-062; CVE-2009-2503)
The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer.A remote code execution vulnerability has been discovered in the way that GDI+ allocates memory.The vulnerability is due to the way that GDI+ renders...
CUPS: SGI image parser heap-based buffer overflow
Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...