Lucene search
+L

233 matches found

CNVD
CNVD
added 2015/12/10 12:0 a.m.5 views

Autodesk Design Review BMP RLE Remote Code Execution Vulnerability

Autodesk Design Review is free DWF viewer software. A security vulnerability exists in Autodesk Design Review's handling of BMP files due to a failure to ensure that run-length encoded data is written outside of an allocated buffer. An attacker could exploit this vulnerability to execute arbitrar...

6.8CVSS7.6AI score0.03751EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/10/20 4:10 p.m.6 views

libwmf: heap overflow within the RLE decoding of embedded BMP images

It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileg...

6.8CVSS6.8AI score0.09221EPSS
Exploits1References4
OSV
OSV
added 2015/07/01 2:59 p.m.2 views

DEBIAN-CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file...

6.8CVSS6.7AI score0.09221EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2015/07/01 12:0 a.m.3 views

PT-2015-6631 · Sourceforge +5 · Libwmf +5

Name of the Vulnerable Software and Affected Versions: libwmf version 0.2.8.4 Description: The issue is related to a heap-based buffer overflow in the DecodeImage function, which can be triggered by a crafted "run-length count" in an image in a WMF file. This can cause a denial of service crash o...

7.5CVSS8.7AI score0.09221EPSS
Exploits3References83
UbuntuCve
UbuntuCve
added 2015/07/01 12:0 a.m.27 views

CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file...

6.8CVSS6.8AI score0.09221EPSS
Exploits1References3
OSV
OSV
added 2015/07/01 12:0 a.m.3 views

UBUNTU-CVE-2015-4588

Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file...

6.8CVSS7AI score0.09221EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.28 views

openSUSE Security Update : libwmf (openSUSE-2015-444)

libwmf was updated to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-0848: An attacker that could trick a victim into opening a specially crafted WMF file with BMP portions in a libwmf based application could have executed arbitrary code with the user's privileges...

6.8CVSS6.8AI score0.09221EPSS
Exploits1References3
OSV
OSV
added 2014/12/31 12:0 a.m.4 views

UBUNTU-CVE-2014-9853

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service memory consumption via a crafted rle file...

5.5CVSS6.8AI score0.01815EPSS
Exploits0References3
OSV
OSV
added 2013/06/10 3:19 a.m.3 views

DEBIAN-CVE-2013-3670

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

4.3CVSS7.1AI score0.01357EPSS
Exploits0References1
OSV
OSV
added 2013/03/09 11:55 a.m.2 views

DEBIAN-CVE-2013-2496

The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...

7.5CVSS7.5AI score0.01371EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2012/06/29 12:0 a.m.30 views

ACDSee Pro < 5.2 Multiple Memory Corruption Vulnerabilities

ACDSee, an image editing application, is installed on the remote host. The installed version of ACDSee is earlier than 5.2 and thus is potentially affected by multiple vulnerabilities : - Insufficient validation in IDICO.apl when copying colors from cursors in .CUR files can be exploited to cause...

6.1AI score
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2011/10/27 12:0 a.m.55 views

Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

9CVSS3.3AI score0.05134EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2011/07/27 12:0 a.m.4 views

PT-2011-3363 · Gnu +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.11 Description: The issue is related to a heap-based buffer overflow in the read channel data function in the Paint Shop Pro PSP plugin. This can be triggered by a PSP COMP RLE aka RLE compression image file that begins a lon...

7.5CVSS8AI score0.03425EPSS
Exploits0References7
Check Point Advisories
Check Point Advisories
added 2011/02/23 12:0 a.m.8 views

Adobe Reader Image Texture Malformed IFF File Memory Corruption (APSB11-03; CVE-2011-0590)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. Adobe Acrobat and Reader products include a plugin to parse the 3D image files inside PDF documents. PDF files can include 3D images in Universal 3D format that can link to external image files, such as an Interchange...

9.3CVSS7.1AI score0.06417EPSS
Exploits0
Prion
Prion
added 2011/01/07 7:0 p.m.19 views

Buffer overflow

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

9.3CVSS8.6AI score0.28983EPSS
Exploits1References22Affected Software1
UbuntuCve
UbuntuCve
added 2011/01/07 7:0 p.m.25 views

CVE-2010-4538

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

9.3CVSS7.2AI score0.28983EPSS
Exploits1References1
Cvelist
Cvelist
added 2011/01/07 6:0 p.m.26 views

CVE-2010-4538

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

7.7AI score0.28983EPSS
Exploits1References22
Debian CVE
Debian CVE
added 2011/01/07 6:0 p.m.42 views

CVE-2010-4538

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

9.3CVSS7.9AI score0.28983EPSS
Exploits1
FreeBSD
FreeBSD
added 2010/09/20 12:0 a.m.14 views

FreeBSD -- Integer overflow in bzip2 decompression

Problem Description: When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow...

3.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2010/02/09 12:0 a.m.6 views

PT-2010-2050 · Microsoft · Directshow +8

Name of the Vulnerable Software and Affected Versions: Microsoft DirectX versions prior to the fixed version Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista Gold, SP1, and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2...

9.3CVSS7.7AI score0.31862EPSS
Exploits1References10
Rows per page
Query Builder