DEBIAN-CVE-2015-0295

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service divide-by-zero and crash via a crafted BMP file...

MGASA-2015-0113 Updated libxfont package fixes security vulnerabilities

The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures...

X.Org libXfont bitmap/bdfread.c Null Pointer Reference Denial of Service Vulnerability

X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation and is open source free software. libXfont is an X font handling library for servers and utilities. A security vulnerability in the 'bdfReadCharacters' function in the bitmap/bdfread.c file in...

DEBIAN-CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...

IcoFx Handles BMP File Memory Corruption Vulnerability

IcoFX is a free icon design editing tool. IcoFX software suffers from a memory corruption vulnerability in the processing logic of BMP images, which allows attackers to exploit the vulnerability to parse malformed images and cause the program to crash and exit...

UBUNTU-CVE-2015-1802

The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly execute arbitrary code via a 1 negative or 2 large property count in a BDF font file...

Memory Corruption Vulnerability in pmview Pro's Processing of BMP Images

PMView Pro is a super-fast viewing software that also supports multiple graphic formats for graphic viewing, editing, and conversion software, supporting filters, printing, automatic thumbnail generation, as well as screen copy, graphic scanning, SlideShow creation, and support for rotating the...

Memory Corruption Vulnerability in Ashampoo Photo Commander's BMP Image Processing

Ashampoo Photo Commander Free is a photo management software from Germany. A memory corruption vulnerability exists in Ashampoo Photo Commander's handling of BMP images, allowing attackers to exploit the vulnerability to parse malformed programs and cause the application to crash...

FreeType 'tt_sbit_decoder_init' Function Denial of Service Vulnerability

FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType...

FreeType '_bdf_parse_glyphs' function denial of service vulnerability

FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType 'bdfparseglyph...

CVE-2014-9666

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

CVE-2014-9666

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

Integer overflow

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

CVE-2014-9666

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

CVE-2014-9666

CVE-2014-9666 affects FreeType up to version 2.5.3 and 2.5.4 before the patch. The tt_sbit_decoder_init function can proceed with a crafted embedded bitmap without restricting the count, causing integer overflow and out-of-bounds read, leading to DoS (and possibly other impact). A fix is availabl...

CVE-2014-9666

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

UBUNTU-CVE-2014-9666

The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...

DEBIAN-CVE-2014-9330

Integer overflow in tifpackbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service crash via crafted BMP image, related to dimensions, which triggers an out-of-bounds read...

CVE-2014-8386

Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted 1 display properties or 2 conditional bitmap parameter in a GNI file...

Stack overflow

Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted 1 display properties or 2 conditional bitmap parameter in a GNI file...