EUVD-2010-2081

Malware in sbrugna...

Heap-based Buffer Overflow

OpenEXR is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to improper memory handling due to a maliciously forged chunk header when decompressing ZIPS-packed deep scan-line EXR files...

CVE-2025-48071 OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size

Summary The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. Details When parsing STORAGEDEEPSCANLINE chunks from an EXR file, the following code from...

GHSA-H45X-QHG2-Q375 OpenEXR Heap-Based Buffer Overflow in Deep Scanline Parsing via Forged Unpacked Size

Summary The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. Details When parsing STORAGEDEEPSCANLINE chunks from an EXR file, the following code from...

SUSE CVE-2012-3509

Multiple integer overflows in the 1 objallocalloc function in objalloc.c and 2 objallocalloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service crash via vectors related to the "addition of CHUNKHEADERSIZE to the length,"...

SUSE CVE-2014-0075

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service resource consumption via a malformed chunk size in chunke...

SUSE CVE-2016-5301

The parsechunkheader function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service crash via a crafted 1 HTTP response or possibly a 2 UPnP broadcast...

GHSA-475F-74WP-PQV5 Integer Overflow or Wraparound in Apache Tomcat

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service resource consumption via a malformed chunk size in chunke...

DEBIAN-CVE-2016-5301

The parsechunkheader function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service crash via a crafted 1 HTTP response or possibly a 2 UPnP broadcast...

UBUNTU-CVE-2016-5301

The parsechunkheader function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service crash via a crafted 1 HTTP response or possibly a 2 UPnP broadcast...

Analysis of the Linux heap overflow of fastbin-vulnerability warning-the black bar safety net

Some time ago to participate in the RCTF match, encountered a stack overflow topic shaxian it. The vulnerability itself is quite obvious, but due to a heap overflow is not familiar, have not been able to find the use of the method. After reading Fudan University six star clan it is, only know it...

Oracle: Security Advisory (ELSA-2015-1668)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : httpd (ELSA-2015-1667)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1667 advisory. - core: fix chunk header parsing defect CVE-2015-3183 Tenable has extracted the preceding description block directly from the Oracle Linux security...

httpd security update

2.2.15-47.0.1 - replace index.html with Oracle's index page oracleindex.html - update vstring in specfile 2.2.15-47 - fix regressions caused by fix for CVE-2015-3183 2.2.15-46 - core: fix chunk header parsing defect CVE-2015-3183...

httpd security update

2.4.6-31.0.1.el71.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-31.1 - core: fix chunk header parsing defect CVE-2015-3183 - core: replace of apsomeauthrequired with apsomeauthnrequired and apforceauthn hook CVE-2015-3185...

UBUNTU-CVE-2015-3183

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension...

apache: multiple issues

CVE-2015-0228 denial of service: modlua: A maliciously crafted websockets PING after a script calls r:wsupgrade can cause a child process crash. - CVE-2015-0253 denial of service: Fix a crash with ErrorDocument 400 pointing to a local URL-path with the INCLUDES filter active, introduced in...

apache22 -- chunk header parsing defect

Apache Foundation reports: CVE-2015-3183 core: Fix chunk header parsing defect. Remove aprbrigadeflatten, buffering and duplicated code from the HTTPIN filter, parse chunks in a single pass with zero copy. Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext authorized characters...