2531 matches found

BDU FSTEC
added 2019/04/25 12:0 a.m. · 3 views

The vulnerability of the opj_t1_encode_cblks function in the OpenJPEG image encoding and decoding library, related to a bug that leads to an infinite loop, allows attackers to cause service interruptions.

The vulnerability of the opj_t1_encode_cblks function in the OpenJPEG image encoding and decoding library is related to an error that causes an infinite loop. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by using a specially crafted BMP file...

CVSS 5.5 · AI score 6.4 · EPSS 0.01745
Exploits 1 · References 6 · Affected Software 4

Tenable Nessus
added 2019/04/05 12:0 a.m. · 31 views

openSUSE Security Update : ovmf (openSUSE-2019-1139)

This update for ovmf fixes the following issue: Security issue fixed: CVE-2018-12181: Fixed a stack-based buffer overflow in the HII database when a corrupted Bitmap was used (bsc#1128503). This update was imported from the SUSE:SLE-12-SP3:Update update project...

CVSS 6 · AI score 7.2 · EPSS 0.00425
Exploits 0 · References 2

Tenable Nessus
added 2019/04/03 12:0 a.m. · 22 views

Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-devel / etc (VZLSA-2019-0633)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 7.3 · AI score 6.7 · EPSS 0.02642
Exploits 0 · References 4

RedHat Linux
added 2019/04/02 11:47 a.m. · 4 views

freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function

A flaw was found in freerdp in versions before 2.0.0-rc4. An integer overflow that leads to a heap-based buffer overflow in the gdi_Bitmap_Decompress() function leads to memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 9.8 · AI score 5.9 · EPSS 0.08357
Exploits 1 · References 4

RedHat Linux
added 2019/04/02 11:47 a.m. · 3 views

freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function

A flaw was found in freerdp in versions prior to version 2.0.0-rc4. An integer truncation that leads to a heap-based buffer overflow in the update_read_bitmap_update() function results in memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well a...

CVSS 9.8 · AI score 5.9 · EPSS 0.08156
Exploits 1 · References 4

OSV
added 2019/03/27 8:29 p.m. · 1 views

DEBIAN-CVE-2018-12181

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access...

CVSS 6 · AI score 7.2 · EPSS 0.00425
Exploits 0 · References 1

OSV
added 2019/03/27 8:29 p.m. · 0 views

UBUNTU-CVE-2018-12181

Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access...

CVSS 6 · AI score 5.8 · EPSS 0.00425
Exploits 0 · References 4

Tenable Nessus
added 2019/03/27 12:0 a.m. · 27 views

SUSE SLES12 Security Update : ovmf (SUSE-SU-2019:0738-1)

This update for ovmf fixes the following issue: Security issue fixed: CVE-2018-12181: Fixed a stack-based buffer overflow in the HII database when a corrupted Bitmap was used (bsc#1128503). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

CVSS 6 · AI score 7.2 · EPSS 0.00425
Exploits 0 · References 4

Tenable Nessus
added 2019/03/26 12:0 a.m. · 41 views

CentOS 7 : ghostscript (CESA-2019:0633)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 7.3 · AI score 6.8 · EPSS 0.02642
Exploits 0 · References 3

Cent OS
added 2019/03/25 5:33 p.m. · 152 views

ghostscript security update

CentOS Errata and Security Advisory CESA-2019:0633. An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

CVSS 7.3 · AI score 6.8 · EPSS 0.02642
Exploits 0 · References 7

Tenable Nessus
added 2019/03/25 12:0 a.m. · 25 views

Oracle Linux 7 : ghostscript (ELSA-2019-0633)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-0633 advisory. - Resolves: 1678171 - CVE-2019-3835 ghostscript: superexec operator is available 700585 Tenable has extracted the preceding description block directly...

CVSS 7.3 · AI score 6.8 · EPSS 0.02642
Exploits 0 · References 3

OSV
added 2019/03/20 12:0 a.m. · 0 views

UBUNTU-CVE-2019-9797

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

CVSS 5.3 · AI score 6.8 · EPSS 0.01109
Exploits 0 · References 7

CNVD
added 2019/03/12 12:0 a.m. · 1 views

Memory Corruption Vulnerability in Photo Lab's Processing of BMP Images

Photo Lab is a foreign photo viewing tool. Photo Lab suffers from a memory corruption vulnerability in the handling of BMP images, which can be exploited by an attacker to cause a program crash and execute arbitrary code by constructing a malformed BMP image...

AI score 7.8
Exploits 0

OSV
added 2019/03/07 11:29 p.m. · 3 views

DEBIAN-CVE-2018-14498

get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries...

CVSS 6.5 · AI score 6.7 · EPSS 0.03104
Exploits 1 · References 1

BDU FSTEC
added 2019/03/01 12:0 a.m. · 3 views

The vulnerability of the process_bitmap_updates() function implementation in the RDP client rdesktop arises from integer overflow, which leads to stack overflow. This allows an attacker to execute arbitrary code.

The vulnerability of the process_bitmap_updates() function in the RDP client rdesktop implementation is related to integer overflow, which can lead to stack overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS 9.8 · AI score 8 · EPSS 0.07397
Exploits 0 · References 4 · Affected Software 2

CNVD
added 2019/03/01 12:0 a.m. · 1 views

Memory Corruption Vulnerability in CloudPulse Driving License Recognition Software

Xiamen Cloud Pulse Technology Co., Ltd. was founded in June 2002. Cloud Pulse Technology holds a leading position in cell phone photo text recognition, document recognition, bank card recognition, business card recognition, cell phone information network/PC synchronization and management...

AI score 7.7
Exploits 0

CNVD
added 2019/03/01 12:0 a.m. · 1 views

Memory Corruption Vulnerability in Cloud Pulse License Plate Recognition Software

Xiamen Cloud Pulse Technology Co., Ltd. was established in June 2002. Cloud Pulse Technology mainly develops cell phone photo text recognition, document recognition, bank card recognition, business card recognition, cell phone information network/PC synchronization and management technology. A...

AI score 7.8
Exploits 0

CNVD
added 2019/03/01 12:0 a.m. · 1 views

Memory Corruption Vulnerability in CloudPulse Passport Recognition Software

Xiamen Cloud Pulse Technology Co., Ltd. was established in June 2002. Cloud Pulse Technology mainly develops cell phone photo text recognition, document recognition, bank card recognition, business card recognition, cell phone information network/PC synchronization and management...

AI score 7.8
Exploits 0

CNVD
added 2019/03/01 12:0 a.m. · 1 views

Memory Corruption Vulnerability in CloudPulse Card Recognition Software

Xiamen Cloud Pulse Technology Co., Ltd. was founded in June 2002. Cloud Pulse Technology holds a leading position in cell phone photo text recognition, document recognition, bank card recognition, business card recognition, cell phone information network/PC synchronization and management...

AI score 7.7
Exploits 0

Positive Technologies
added 2019/02/27 12:0 a.m. · 5 views

PT-2019-6420 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to v4.8. Description: The issue is related to out-of-bounds memory accesses in the Linux kernel's netlabel component. There are two array out-of-bounds memory accesses, one in the cipso_v4_map_lvl_valid function, th...

CVSS 9.8 · AI score 6.2 · EPSS 0.08555
Exploits 22 · References 586