PT-2021-6410 · Siemens · Syngo Fastview
Name of the Vulnerable Software and Affected Versions: syngo fastView, all versions. Description: A vulnerability has been identified in the affected application, which lacks proper validation of user-supplied data when parsing BMP files. This could result in an out-of-bounds write past the end of ...
Bentley Systems Bentley View buffer error vulnerability
A security vulnerability exists in Bentley View, a free viewer from Bentley Systems, U.S.A. The Bentley View BMP file parsing vulnerability is due to a failure to properly validate the length of user-supplied data before copying it to a heap buffer. An attacker could exploit this vulnerability to...
Bentley Systems Bentley View buffer error vulnerability
Bentley View is a free viewer from Bentley Systems, Inc. A stack buffer overflow vulnerability exists in Bentley View BMP file parsing, which is due to a failure to properly validate the length of user-supplied data before copying it to the heap buffer. An attacker could exploit this vulnerability ...
The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in the ability to write code beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user, using a specially crafted .bmp...
[SECURITY] Fedora 34 Update: autotrace-0.31.1-62.fc34
AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...
CVE-2021-42270
Adobe Animate version 21.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file...
freerdp security update
2:2.2.0-7 - Updated: Refactored RPC gateway parser rhbz2017948 + fixed issues discovered by Covscan 2:2.2.0-6 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-5 - Revert: Refactored RPC gateway parser rhbz2017948 2:2.2.0-4 - Refactored RPC gateway parser rhbz2017948 2:2.2.0-3 - Add checks for...
Use-After-Free
autotrace is vulnerable to use-after-free. A bitmap double free in main.c allows attackers to cause use-after-free via a malformed bitmap image...
Integer Overflow
autotrace is vulnerable to integer overflows. A biWidth*biBitCnt integer overflow in input-bmp.c allows attackers to provide an unexpected input value to malloc via a malformed bitmap image resulting in a system hang...
[SECURITY] Fedora 35 Update: autotrace-0.31.1-62.fc35
AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...
OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
freerdp security update
2:2.2.0-5 - Update: Refactored RPC gateway parser rhbz2017944 + fix issues discovered by Covscan 2:2.2.0-4 - Refactored RPC gateway parser rhbz2017944 2.1.1-3 - Add checks for bitmap and glyph width/height values rhbz2017951...
Mozilla Firefox Security Advisory (MFSA2012-61) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CentOS 8 : autotrace (CESA-2021:4519)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4519 advisory. - autotrace: integer overflow in input-bmp.c (CVE-2019-19004) - autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact...
Mozilla Firefox Security Advisory (MFSA2015-88) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Moderate: Red Hat Security Advisory: autotrace security update
An update for autotrace is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
autotrace: integer overflow in input-bmp.c
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
openjpeg: integer overflow in opj_j2k_setup_encoder function in openjp2/j2k.c
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...
ALSA-2021:4519 Moderate: autotrace security update
AutoTrace is a program for converting bitmaps to vector graphics. Security Fixes: autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact (CVE-2019-19005); autotrace: integer overflow in input-bmp.c (CVE-2019-19004). For more details about the security issues, including...