SUSE CVE-2022-38143

A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this...

Allegro 缓冲区错误漏洞

Allegro is Allegro open source a cross-platform library mainly for video games and multimedia programming. A security vulnerability exists in Allegro 5.2.6 and earlier versions, which stems from the presence of a buffer overflow vulnerability that can be exploited by an attacker to cause a denial...

OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

Libnsbmp Buffer Overflow Vulnerability

Libnsbmp is a decoding library for the BMP and ICO image file formats, written in C. It is available as part of the NetSurf project. It is part of the NetSurf project and is available for other software under the MIT license. A buffer overflow vulnerability exists in the 'bmpdecoderle' function o...

CVE-2018-12599

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file...

PhotoZoom Pro 7 Handles BMP with Denial of Service Vulnerability

PhotoZoom Pro 7 is an image processing tool. PhotoZoom Pro 7 suffers from a denial of service vulnerability when handling the BMP format, which can be exploited to cause the program to crash by constructing a malformed BMP image, and can be successfully exploited to cause arbitrary code execution...

Chasys Draw IES BMP Buffer Overflow (CVE-2013-3928)

A buffer overflow vulnerability has been reported in Chasys Draw IES. The vulnerability is due to an image parsing input validation error in Chasys Draw IES when parsing a file in BMP format. A remote attacker could trigger this issue via a specially crafted BMP file. Successful exploitation will...

Adobe Reader Image Texture Malformed BMP File Memory Corruption (APSB11-03; CVE-2011-0592; CVE-2011-0596)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to a 3D file parsing input validation error in Adobe Reader and Acrobat when parsing an external texture file in BMP format. A remote attacker could trigger this issue via a specially crafted...

DEBIAN-CVE-2008-6079

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted 1 ARGB, 2 BMP, 3 JPEG, 4 LBM, 5 PNM, 6 TGA, or 7 XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."...

ImLib库_LoadBMP函数拒绝服务漏洞

BUGTRAQ ID: 24750 Imlib是一种图形浏览应用文件库，用于Gnome图形用户环境。 Imlib在处理畸形格式的BMP图像文件时存在漏洞，攻击者可能利用此漏洞导致使用了程序库的应用陷入死循环。 Imlib库的LoadBMP函数从BMP文件读取了BPP值并使用该值确定在主文件处理循环中的每一步应读取多少位，但以下行没有正确地检测无效的值0x0000： if bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32 fprintfstderr, "IMLIB ERROR: unknown...

security flaw

Heap-based buffer overflow in the BMP image format parser for the QT library qt3 before 3.3.3 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code...