Advantech Adamview Buffer Overflow

Multiple stack-based buffer overflows in Advantech AdamView 4.3 and earlier allow remote attackers to execute arbitrary code via a crafted 1 display properties or 2 conditional bitmap parameter in a GNI file. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Details Accordin...

UBUNTU-CVE-2014-9330

Integer overflow in tifpackbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service crash via crafted BMP image, related to dimensions, which triggers an out-of-bounds read...

SeaMonkey < 2.32 Multiple Vulnerabilities

Binary data 8626.prm...

Mozilla Firefox < 35.0 Multiple Vulnerabilities

Binary data 8624.prm...

Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability

Firefox/SeaMonkey is a web browser and newsgroup client released by Mozilla. An information disclosure vulnerability exists in Mozilla Firefox/SeaMonkey, which can be exploited by attackers to obtain sensitive information or launch further attacks...

Advantech ADAMView Conditional Bitmap Remote Code Execution (CVE-2014-8386)

A stack-buffer overflow has been reported in Advantech ADAMView. The vulnerability is due to insufficient validation of conditional bitmaps from a file...

UBUNTU-CVE-2014-8637

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...

Uninitialized memory use during bitmap rendering — Mozilla

Google security researcher Michal Zalewski reported that when a malformed bitmap image is rendered by the bitmap decoder within a element, memory may not always be properly initialized. The resulting image then uses this uninitialized memory during rendering, allowing data to potentially leak to...

UBUNTU-CVE-2014-0250

Multiple integer overflows in client/X11/xfgraphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the 1 xfPointerNew or 2 xfBitmapDecompress function, which causes an incorrect amount of memory to be allocated...

Amazon Linux AMI : freetype (ALAS-2011-8)

Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user runnin...

CVE-2014-0993

Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library VCL in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file...

CVE-2014-0993

Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library VCL in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file...

CVE-2013-7388

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...

Heap overflow

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...

CVE-2013-7388

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp formerly Google SketchUp before 2013 13.0.3689, allows remote attackers to execute arbitrary code via a crafted RLE4-compressed bitmap BMP. NOTE: this issue was SPLIT from CVE-2013-3664 due to different affected products and...

CVE-2013-7388

The CVE-2013-7388 entry describes a heap-based buffer overflow in the paintlib component used by Trimble SketchUp prior to version 13.0.3689, exploitable via a crafted RLE4 BMP. This affects SketchUp’s use of paintlib; the issue is described as a heap overflow enabling remote code execution. The ...

Android Web Browser - BMP File Integer Overflow Vulnerability

source: http://www.securityfocus.com/bid/28006/info Android Web Browser is prone to an integer-overflow vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts wil...

LEADTOOLS 11.5.0.9 - (ltdlg11n.ocx) Bitmap Access Violation DoS

No description provided by source. html Test Exploit Page object classid='clsid:00110060-B1BA-11CE-ABC6-F5B2E79D9E3F' id='target' //object script language='vbscript' targetFile = C:\Program Files\Rational\common\ltdlg11n.ocx prototype = Property Let Bitmap As Long memberName = Bitmap progid =...

Cam2pc 4.6.2 - BMP Image Processing Integer Overflow Vulnerability

No description provided by source. Application: Cam2pc BMP Image Processing Integer Overflow Vulnerability Platforms: Windows Vendor : http://www.nabocorp.co Versions : The vulnerability is confirmed in version 4.6.2 Freeware Edition Other versions may also be affected. Date : 2013-03-13 Contact ...

ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)

No description provided by source. !/usr/bin/perl Exploit Title: ImageMagick 6.8.8-5 - Local Buffer Overflow SEH Date: 2-13-2014 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: ImageMagick all versions prior to 6.8.8-5 Software Link:...