2531 matches found

CNVD
added 2018/12/26 12:00 a.m., 2 views

ImageMagick Denial of Service Vulnerability (CNVD-2018-26652)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the coders/bmp.c file in versions prior to ImageMagick 7.0.8-16, which can...

CVSS 6.5, AI score 8.7, EPSS 0.03099
Exploits: 1, References: 1

OSV
added 2018/12/25 12:00 a.m., 0 views

UBUNTU-CVE-2018-20467

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

CVSS 6.5, AI score 6.8, EPSS 0.03099
Exploits: 1, References: 4

OSV
added 2018/12/21 9:29 a.m., 0 views

UBUNTU-CVE-2018-20330

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench...

CVSS 8.8, AI score 7.5, EPSS 0.02006
Exploits: 0, References: 3

OSV
added 2018/12/21 9:29 a.m., 2 views

ALPINE-CVE-2018-20330

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench...

CVSS 8.8, AI score 7.4, EPSS 0.02006
Exploits: 0, References: 1

CNVD
added 2018/12/20 12:00 a.m., 1 view

Micro Focus SUSE Linux Enterprise libqt5-qtbase Denial of Service Vulnerability

Micro Focus SUSE Linux Enterprise is a suite of enterprise Linux operating systems from Micro Focus in the UK. libqt5-qtbase is one of the libraries used to work with strings, XML, and more. A denial of service vulnerability exists in QBmpHandler in libqt5-qtbase in Micro Focus SUSE Linux...

CVSS 9.8, AI score 6.7, EPSS 0.03382
Exploits: 0, References: 1

RedHat Linux
added 2018/12/17 8:02 p.m., 139 views

Important: Red Hat Security Advisory: ghostscript security and bug fix update

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 9.8, AI score 6.8, EPSS 0.16288
Exploits: 4, References: 11

OSV
added 2018/12/17 7:29 p.m., 1 view

DEBIAN-CVE-2018-20185

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits...

CVSS 5.3, AI score 6.8, EPSS 0.02107
Exploits: 1, References: 1

OSV
added 2018/12/17 7:29 p.m., 1 view

UBUNTU-CVE-2018-20185

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits...

CVSS 5.3, AI score 6.9, EPSS 0.02107
Exploits: 1, References: 5

Tenable Nessus
added 2018/12/14 12:00 a.m., 41 views

CentOS 7 : ghostscript (CESA-2018:3761)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 9.3, AI score 7.3, EPSS 0.92499
Exploits: 4, References: 2

Cent OS
added 2018/12/13 8:45 p.m., 132 views

ghostscript security update

CentOS Errata and Security Advisory CESA-2018:3650 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 7.8, AI score 6.7, EPSS 0.03019
Exploits: 0, References: 7

RedHat Linux
added 2018/12/03 11:58 p.m., 154 views

Important: Red Hat Security Advisory: ghostscript security and bug fix update

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 9.3, AI score 7, EPSS 0.92499
Exploits: 4, References: 3

CNVD
added 2018/11/30 12:00 a.m., 1 view

FreeRDP Buffer Overflow Vulnerability

FreeRDP is a free, open source implementation of the Remote Desktop Protocol RDP developed by the FreeRDP team. A heap buffer overflow vulnerability exists in the 'gdiBitmapDecompress' function in versions prior to FreeRDP 2.0.0-rc4, which can be exploited by a remote attacker to cause a denial o...

CVSS 9.8, AI score 9.3, EPSS 0.08357
Exploits: 1, References: 1

CNVD
added 2018/11/30 12:00 a.m., 2 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2019-00652)

FreeRDP is a free, open source implementation of the Remote Desktop Protocol RDP developed by the FreeRDP team. A heap buffer overflow vulnerability exists in the 'updatereadbitmapupdate' function in versions of FreeRDP prior to 2.0.0-rc4, which can be exploited by a remote attacker to cause a...

CVSS 9.8, AI score 8.9, EPSS 0.08156
Exploits: 1, References: 1

ATTACKERKB
added 2018/11/29 6:29 p.m., 16 views

CVE-2018-8787

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdiBitmapDecompress and results in a memory corruption and probably even a remote code execution...

CVSS 9.8, AI score 6.1, EPSS 0.08357
Exploits: 1, References: 11

OSV
added 2018/11/29 6:29 p.m., 1 view

DEBIAN-CVE-2018-8787

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdiBitmapDecompress and results in a memory corruption and probably even a remote code execution...

CVSS 9.8, AI score 9, EPSS 0.08357
Exploits: 1, References: 1

OSV
added 2018/11/29 12:00 a.m., 0 views

UBUNTU-CVE-2018-8787

FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdiBitmapDecompress and results in a memory corruption and probably even a remote code execution...

CVSS 9.8, AI score 7.5, EPSS 0.08357
Exploits: 1, References: 5

Zero Day Initiative
added 2018/10/17 12:00 a.m., 20 views

OMRON CX-Supervisor PAG Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 4.3, AI score 1.9, EPSS 0.00891
Exploits: 0, References: 1

CNVD
added 2018/10/17 12:00 a.m., 2 views

Foxit Reader and Foxit PhantomPDF for Windows Out-of-Bounds Read Vulnerability (CNVD-2018-23237)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF for Windows is its commercial version. An out-of-bounds read vulnerability exists in the processing of BMP images in Foxit Reader 9.2.0.9297 and earlier versions and Foxi...

CVSS 6.5, AI score 6.5, EPSS 0.24397
Exploits: 0, References: 1

OSV
added 2018/10/07 6:29 p.m., 1 view

DEBIAN-CVE-2018-18024

In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

CVSS 6.5, AI score 8.4, EPSS 0.03003
Exploits: 1, References: 1

Positive Technologies
added 2018/10/05 12:00 a.m., 3 views

PT-2018-3706 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8 through 7.0.13 Description: The issue is related to an infinite loop in the ReadBMPImage function of the coders/bmp.c file. This allows a remote attacker to cause a denial of service using a specially crafted bmp...

CVSS 9.8, AI score 6.4, EPSS 0.49324
Exploits: 67, References: 426