UBUNTU-CVE-2017-9184

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7...

UBUNTU-CVE-2017-9190

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid free, related to the freebitmap function in bitmap.c:24:5...

UBUNTU-CVE-2017-9179

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid read and SEGV, related to the ReadImage function in input-bmp.c:425:14...

PT-2017-18759 · Autotrace +1 · Autotrace +1

Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid read and SEGV. This is related to the ReadImage function in input-bmp.c. Recommendations: For AutoTrace version...

Silicon Graphics LibTIFF Heap Buffer Overflow Vulnerability (CNVD-2017-07752)

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A heap buffer overflow vulnerability exists in bmp2tiff in Silicon Graphics LibTIFF version...

DEBIAN-CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

PT-2017-2616 · Libtiff +3 · Libtiff +3

Name of the Vulnerable Software and Affected Versions: LibTIFF versions 4.0.6 through 4.0.7 Description: The issue arises from the program's failure to verify that biWidth and biHeight in the bitmap-information header of BMP images match the actual input. This leads to a heap-based buffer...

UBUNTU-CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

ghostscript security update

CentOS Errata and Security Advisory CESA-2017:1230 An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

RHEL 6 / 7 : ghostscript (RHSA-2017:1230)

An update for ghostscript is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

jasper: missing SIZ marker segment XRsiz and YRsiz fields range check

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...

jasper: missing jas_matrix_create() parameter checks

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

jasper: missing jas_matrix_create() parameter checks

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image...

Fedora 25 : 1:xrdp / xorgxrdp (2017-7bd002b77c)

New upstream version of xorgxrdp and xrdp : New features in xrdp : - RemoteFX codec support is now enabled by default. - Bitmap updates support is now enabled by default. - TLS ciphers suites and version is now logged. - Connected computer name is now logged. - Switched to Xorg xorgxrdp as the...

dlplibs: Container-overflow in MWAWPictBitmapContainerBool::setRowPacked

Detailed report: https://oss-fuzz.com/testcase?key=4685785548718080 Project: dlplibs Fuzzer: afldlplibsapplepictfuzzer Fuzz target binary: applepictfuzzer Job Type: aflasandlplibs Platform Id: linux Crash Type: Container-overflow READ 1 Crash Address: 0x621000001e12 Crash State:...

ImageWorsener 'src/imagew-bmp.c' Denial of Service Vulnerability

ImageWorsener is a set of image scaling and processing utilities. A security vulnerability exists in the 'iwreadbmpfile' function in the imagew-bmp.c file of libimageworsener.a in ImageWorsener version 1.3.0. A remote attacker can exploit this vulnerability to consume available memory with the he...

Buffer Overflow Arbitrary Code Execution Vulnerability in BMP Image Processing by Greenfish Icon Editor Pro

Greenfish Icon Editor Pro is a powerful icon, cursor, animation and icon library editor. Greenfish Icon Editor Pro suffers from a buffer overflow arbitrary code execution vulnerability when handling BMP images, which can be exploited by an attacker to forge BMP images resulting in arbitrary code...

Design/Logic Flaw

Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation...

CVE-2017-7616

Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation...

CVE-2017-7616

Incorrect error handling in the setmempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation...