EUVD-2026-27077

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nbcolors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nbcolors value triggers an...

CVE-2021-26236

FastStone Image Viewer v.= 7.5 is affected by a Stack-based Buffer Overflow at 0x005BDF49, affecting the CUR file parsing functionality BITMAPINFOHEADER Structure, 'BitCount' file format field, that will end up corrupting the Structure Exception Handler SEH. Attackers could exploit this issue to...

Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Exploit Title: Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow Exploit Date: 22.01.2023 Discovered and Written by: Knursoft Vendor Homepage: https://www.rockstargames.com/ Version: v1.1 Tested on: Windows XP SP2/SP3, 7, 10 21H2 CVE : N/A 1 - Run this python script to generate...

SUSE CVE-2007-0653

Integer overflow in X MultiMedia System xmms 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption...

SUSE CVE-2016-8697

The bmnew function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service divide-by-zero error and crash via a crafted BMP image...

SUSE CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

DEBIAN-CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

LEAD Technologies LEADTOOLS Input Validation Error Vulnerability

LEAD Technologies LEADTOOLS is an image processing development kit from LEAD Technologies. An input validation error vulnerability exists in the BMP header parsing functionality in LEAD Technologies LEADTOOLS. The vulnerability can be exploited to execute arbitrary code with the help of specially...

OpenJPEG Denial of Service Vulnerability (CNVD-2017-28761)

OpenJPEG is a C-based open source JPEG 2000 codec . A security vulnerability exists in the 'bmpreadinfoheader' function in bin/jp2/convertbmp.c in OpenJPEG version 2.2.0, which originates from the program receiving a packet header with a biBitCount of zero. A remote attacker could use this...

UBUNTU-CVE-2017-12982

The bmpreadinfoheader function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service memory allocation failure in the opjimagecreate function in lib/openjp2/image.c, related to the opjalignedallocn...

DEBIAN-CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

UBUNTU-CVE-2016-8697

The bmnew function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service divide-by-zero error and crash via a crafted BMP image...

UBUNTU-CVE-2016-8686

The bmnew function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure...

Potrace de-zero error vulnerability

potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. A divide-by-zero error vulnerability exists in potrace bitmap.h. A remote attacker can exploit this vulnerabili...

DEBIAN-CVE-2013-1953

Integer underflow in the inputbmpreader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow...

AyeView 2.20 (invalid bitmap header parsing) DoS Exploit

No description provided by source. Name : AyeView v2.20 invalid bitmap header parsing DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.ayeview.com/downloads.htm Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Katharsis, str0ke, all...

ayeview-dos.txt

Name : AyeView v2.20 invalid bitmap header parsing DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.ayeview.com/downloads.htm Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Katharsis, str0ke, all from dark-coders and others; Short...

AyeView 2.20 - Invalid Bitmap Header Parsing Crash

AyeView 2.20 - Invalid Bitmap Header Parsing Crash Name : AyeView v2.20 invalid bitmap header parsing DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.ayeview.com/downloads.htm Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind,...

AyeView 2.20 (invalid bitmap header parsing) Crash Exploit

Exploit for unknown platform in category dos / poc...