CVE-2020-10938

GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c...

Arbitrary Code Execution

GraphicsMagick is vulnerable to arbitrary code execution. An integer overflow and heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c allows an attacker to execute arbitrary code on the host OS...

GraphicsMagick < 1.3.35 Heap-Based Buffer Overflow Vulnerability - Windows

GraphicsMagick is prone to an integer overflow and resultant heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2020-10938

GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c...

CVE-2020-10938

GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c...

Design/Logic Flaw

The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence...

Heap overflow

The LZW decompressor in 1 the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and 2 compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products,...

CVE-2011-2895

The LZW decompressor in 1 the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and 2 compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products,...

Heap overflow

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

CVE-2004-0548

CVE-2004-0548 describes multiple stack-based buffer overflows in Aspell’s word-list-compress utility (compress.c) that allow a local user to execute arbitrary code via a long wordlist entry. The overflow is triggered when using the (1) “c” compress option or (2) “d” decompress option, due to lack...