161 matches found
[SECURITY] [DLA 1185-1] sam2p security update
Package : sam2p Version : 0.49.1-1+deb7u2 CVE ID : CVE-2017-16663 It was discovered that sam2p, a utility to convert raster images and other image formats, was affected by an integer overflow vulnerability with resultant heap-based buffer overflow in input-bmp.ci because width and height...
DLA-1185-1 sam2p - security update
Bulletin has no description...
sam2p integer overflow vulnerability (CNVD-2017-36354)
sam2p is a command-line utility that can convert many raster bitmap image formats such as GIF, JPG/JPEG and PNG to PostScript or PDF files. An integer overflow vulnerability exists in input-bmp.ci in the ReadImage function in sam2p version 0.49.4, for which there is currently no detailed...
CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
Integer overflow
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
UBUNTU-CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
CVE-2017-16663
In sam2p 0.49.4, there are integer overflows with resultant heap-based buffer overflows in input-bmp.ci in the function ReadImage, because "width height" multiplications occur unsafely...
CVE-2017-16663
CVE-2017-16663 affects sam2p 0.49.4, where integer overflows in input-bmp.ci ReadImage are caused by unsafe width*height multiplications, leading to heap-based buffer overflows and potential memory corruption. Connected sources confirm the vulnerability details but do not provide a specific remed...
Debian DLA-1127-1 : sam2p security update
Several vulnerabilites, like heap-based buffer overflows, integer signedness or overflow errors have been found by fpbibi and have been fixed by upstream. For Debian 7 'Wheezy', these problems have been fixed in version 0.49.1-1+deb7u1. We recommend that you upgrade your sam2p packages. NOTE:...
[SECURITY] [DLA 1127-1] sam2p security update
Package : sam2p Version : 0.49.1-1+deb7u1 CVE ID : CVE-2017-14628 CVE-2017-14629 CVE-2017-14630 CVE-2017-14631 CVE-2017-14636 CVE-2017-14637 Several vulnerabilites, like heap-based buffer overflows, integer signedness or overflow errors have been found by fpbibi and have been fixed by upstream. F...
DLA-1127-1 sam2p - security update
Bulletin has no description...
FreeBSD : sam2p -- multiple issues (43a1b8f9-3451-4f3c-b4fc-730c0f5876c1)
sam2p developers report : In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file inpcx.cpp. In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. In sam2p...
sam2p integer overflow vulnerability (CNVD-2017-34029)
sam2p is a UNIX command line utility program written in C++ that converts images to PDF and other formats. An integer overflow vulnerability exists in sam2p version 0.49.3. A remote attacker could exploit this vulnerability to cause memory corruption...
sam2p file write vulnerability
sam2p is a UNIX command line utility program written in C++ that converts images to PDF and other formats. A file write vulnerability exists in sam2p version 0.49.3. An attacker can exploit this vulnerability to write to an illegal address...
CVE-2017-14637
In sam2p 0.49.3, there is an invalid read of size 2 in the parsergb function in inxpm.cpp. However, this can also cause a write to an illegal address...
UBUNTU-CVE-2017-14636
Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes memory corruption because of an attempted write to the invalid d0xfffffffe array element...
Code injection
In sam2p 0.49.3, there is an invalid read of size 2 in the parsergb function in inxpm.cpp. However, this can also cause a write to an illegal address...
Integer overflow
Because of an integer overflow in sam2p 0.49.3, a loop executes 0xffffffff times, ending with an invalid read of size 1 in the Image::Indexed::sortPal function in image.cpp. However, this also causes memory corruption because of an attempted write to the invalid d0xfffffffe array element...