SUSE CVE-2007-1246

The DMOVideoDecoderOpen function in loader/dmo/DMOVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerabilit...

SUSE CVE-2007-1387

The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...

SUSE CVE-2013-1953

Integer underflow in the inputbmpreader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow...

CVE-2017-17557

In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the biSize member, which can result in a heap based buffer overflow. An attacker can leverage this to...

FastStone MaxView Denial of Service Vulnerability

FastStone MaxView is an image viewer. A denial of service vulnerability exists in FastStone MaxView versions 3.0 and 3.1. An attacker can exploit the vulnerability to cause a denial of service application crash via a misformatted BMP image with a crafted biSize field in the BITMAPINFOHEADER secti...

Integer overflow

Integer underflow in the inputbmpreader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow...

Mandriva Update for xine-lib MDKSA-2007:057 (xine-lib)

Check for the Version of xine-lib OpenVAS Vulnerability Test Mandriva Update for xine-lib MDKSA-2007:057 xine-lib Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Mandrake Linux Security Advisory : xine-lib (MDKSA-2007:062)

The DSVideoDecoderOpen function in DirectShow/DSVideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Updated packages have been patched to address this issue...

DEBIAN-CVE-2007-1246

The DMOVideoDecoderOpen function in loader/dmo/DMOVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerabilit...