UBUNTU-CVE-2018-7589

An issue was discovered in CImg v.220. A double free in loadbmp in CImg.h occurs when loading a crafted bmp image...

Microsoft Windows Kernel (7 x86) - Local Privilege Escalation (MS16-039)

include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif static HBITMAP hBmpHunted = NULL; static HBITMAP hBmpExtend = NULL; static DWORD...

UBUNTU-CVE-2018-7588

An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp in CImg.h occurs when loading a crafted bmp image...

CVE-2018-4881

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of...

CVE-2018-4886

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation occurs in...

libreoffice/lwpfuzzer: Stack-buffer-overflow in vcl::bitmap::CreateFromData

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5090493626056704 Project: libreoffice Fuzzer: libFuzzerlibreofficelwpfuzzer Fuzz target binary: lwpfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type:...

libreoffice/tgafuzzer: Heap-buffer-overflow in vcl::bitmap::RawBitmap::SetPixel

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5733672629043200 Project: libreoffice Fuzzer: afllibreofficetgafuzzer Fuzz target binary: tgafuzzer Job Type: aflasanlibreoffice Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1...

DEBIAN-CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

ALPINE-CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

UBUNTU-CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

RDPY - Remote Desktop Protocol in Twisted Python

RDPY is a pure Python implementation of the Microsoft RDP Remote Desktop Protocol protocol client and server side. RDPY is built over the event driven network engine Twisted. RDPY support standard RDP security layer, RDP over SSL and NLA authentication through ntlmv2 authentication protocol. RDPY...

OpenJPEG integer overflow vulnerability (CNVD-2018-04305)

OpenJPEG is an open source JPEG 2000 codec written in C language. An integer overflow vulnerability exists in OpenJPEG 2.3.0. The vulnerability arises due to an out-of-bounds left shift in the opjj2ksetupencoder function openjp2/j2k.c. A remote attacker could exploit this vulnerability via a...

OpenJPEG integer overflow vulnerability (CNVD-2018-04193)

OpenJPEG is a C-based open source JPEG 2000 codec . An integer overflow vulnerability exists in the 'opjt1encodecblks' function in the openjp2/t1.c file in OpenJPEG version 2.3.0. A remote attacker can exploit this vulnerability to cause a denial of service with a specially crafted bmp file...

UBUNTU-CVE-2018-5727

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

DEBIAN-CVE-2018-5685

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function coders/bmp.c. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value...

UBUNTU-CVE-2018-5685

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function coders/bmp.c. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value...

CVE-2017-13199

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2017-13199

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation...

Blender Sequencer imb_bmp_decode Integer Overflow Vulnerability

Blender is an open source cross-platform all-in-one 3D animation software, providing a series of animated short film production solutions from modeling, animation, materials, rendering, to audio processing, video editing and so on. Blender Sequencer imbbmpdecode has an integer overflow...

Memory Corruption Vulnerability in 2345 Viewer V9.0

2345 Viewer is one of the fastest and most format-compatible high-definition image viewing software. A memory corruption vulnerability exists in 2345 Viewer V9.0 when parsing the BMP file format, which allows an attacker to construct a malicious BMP image file to trigger a memory corruption,...