2531 matches found
potrace null pointer dereference vulnerability (CNVD-2016-10140)
potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. A null pointer dereference vulnerability exists in potrace bitmapio.c:651:11. A remote attacker can exploit...
potrace heap buffer overflow vulnerability (CNVD-2016-10136)
potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. A buffer overflow vulnerability exists in bitmapio.c:652:11. An attacker could exploit this vulnerability to...
potrace divide-by-zero error vulnerability
potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. A divide-by-zero error vulnerability exists in potrace bitmap.h. A remote attacker can exploit this vulnerabili...
potrace null pointer dereference vulnerability
potrace is a set of bitmap image processing tools developed by software developer Peter Selinger. The tool offers the ability to add smoothing effects, free scaling of images, and more. A null pointer dereference vulnerability exists in potrace bitmapio.c:717:4. A remote attacker can exploit...
chromium-browser: heap overflow in blink
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...
UBUNTU-CVE-2016-5182
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...
CVE-2016-5182
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages...
UBUNTU-CVE-2016-3620
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image...
UBUNTU-CVE-2016-3621
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image...
DEBIAN-CVE-2016-3619
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image...
UBUNTU-CVE-2016-3619
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image...
MariaDB 10.1.x < 10.1.7 Multiple Vulnerabilities
The version of MariaDB running on the remote host is 10.1.x prior to 10.1.7. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability exists in the base_list_iterator::next_fast function within file sql/sql_parse.cc when handling multi-table updates. An...
PT-2017-9179 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is related to a heap-based buffer overflow in the pstoedit suffix table init function, which can be triggered by a crafted bmp image file. This can cause a denial of service due to an...
DEBIAN-CVE-2016-5278
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via crafted image data that is mishandled during the encoding of an image frame to an image...
USN-3085-1 gdk-pixbuf vulnerabilities
It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash,...
The vulnerabilities in operating systems such as Mac OS X and iOS allow attackers to trigger service failures or execute arbitrary code.
The vulnerability in the CoreGraphics component of the Mac OS X and iOS operating systems is caused by a buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely or cause a service failure (memory corruption) by using a specially crafted BMP image...
Debian DLA-621-1 : autotrace security update
Autotrace is a program for converting bitmaps to vector graphics. It had a bug that caused an out-of-bounds write. This was caused by not allocating sufficient memory to store the terminating NULL pointer in an array. For Debian 7 'Wheezy', this problem has been fixed in version 0.31.1-16+deb7u1...
DLA-621-1 autotrace - security update
Bulletin has no description...
UBUNTU-CVE-2016-6823
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write...