SUSE CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmapunit value that leads to a buffer overflow...

SUSE CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

SUSE CVE-2007-0653

Integer overflow in X MultiMedia System xmms 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption...

SUSE CVE-2007-0654

Integer underflow in X MultiMedia System xmms 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow...

SUSE CVE-2007-1001

Multiple integer overflows in the 1 createwbmp and 2 readwbmp functions in wbmp.c in the GD library libgd in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap WBMP images with large width or height values...

SUSE CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

SUSE CVE-2007-3568

The LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service infinite loop via a BMP image with a Bits Per Page BPP value of 0...

SUSE CVE-2007-4990

The swapchar2b function in X.Org X Font Server xfs before 1.0.5 allows context-dependent attackers to execute arbitrary code via 1 QueryXBitmaps and 2 QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap...

SUSE CVE-2007-6523

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service CPU consumption via a crafted bitmap BMP file that triggers a large number of calculations and checks...

SUSE CVE-2008-0420

modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a craft...

SUSE CVE-2008-4069

The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file...

SUSE CVE-2008-5902

Buffer overflow in the xrdpbitmapinvalidate function in xrdp/xrdpbitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request...

SUSE CVE-2008-5903

Array index error in the xrdpbitmapdefproc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the editpos structure member...

SUSE CVE-2009-1570

Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow...

SUSE CVE-2009-2286

Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service crash via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch...

SUSE CVE-2010-0991

Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted 1 ARGB, 2 XPM, or 3 BMP file, related to the IMAGEDIMENSIONSOK macro in lib/image.h...

SUSE CVE-2011-0596

The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted 1 height and 2 width values for an RLE8 compressed bitmap, which trigger...

SUSE CVE-2011-0599

The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compressio...

SUSE CVE-2011-4131

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words...

SUSE CVE-2013-1579

The rtpsutiladdbitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service infinite loop via a...