CVE-2021-44422

An Improper Input Validation Vulnerability exists when reading a BMP file using Open Design Alliance Drawings SDK before 2022.12. Crafted data in a BMP file can trigger a write operation past the end of an allocated buffer, or lead to a heap-based buffer overflow. An attacker can leverage this...

CVE-2021-34333

A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in double free of an allocated...

CVE-2017-9181

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service invalid write and SEGV, related to the ReadImage function in input-bmp.c...

UBUNTU-CVE-2017-9168

libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25...

iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability

iDefense Security Advisory 08.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 12, 2008 I. BACKGROUND Microsoft Office contains a number of input filters. These input filters allow transparent conversion from external types into a form that the Office applications can use. More...