gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

DEBIAN-CVE-2025-35984

A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

SUSE CVE-2008-1097

Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in 1 ImageMagick 6.2.4-5 and 6.2.8-0 and 2 GraphicsMagick aka gm 1.1.7 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted .pcx file that...

Pillow Out-of-bounds Read

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...

GHSA-F5G8-5QQ7-938W Pillow Out-of-bounds Read

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...

UBUNTU-CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...

CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations...

SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53166)

SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted PCX file...

CVE-2020-6063

An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

ACD Systems Canvas Draw Out-of-Bounds Write Vulnerability (CNVD-2019-06640)

ACD Systems Canvas Draw is a graphic editing tool from ACD Systems that is used to create and edit images and more. An out-of-bounds write vulnerability exists in the PCX parsing feature in ACD Systems Canvas Draw version 4.0.0, which can be exploited by an attacker to overwrite arbitrary data an...

CVE-2017-12107

An memory corruption vulnerability exists in the .PCX parsing functionality of Computerinsel Photoline 20.02. A specially crafted .PCX file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .PCX file to trigger this vulnerability...

Code injection

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service application crash via a crafted PCX file...

CVE-2017-7950

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service application crash via a crafted PCX file...

CVE-2017-7950

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service application crash via a crafted PCX file...

CVE-2014-9832

Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file...

CVE-2014-9832

Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file...

Integer overflow

Multiple integer overflows in the loadimage function in file-pcx.c in the Personal Computer Exchange PCX plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PCX image that triggers a heap-based...

Memory corruption in ImageMagick's PCX coder

Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in 1 ImageMagick 6.2.4-5 and 6.2.8-0 and 2 GraphicsMagick aka gm 1.1.7 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted .pcx file that...

security flaw

Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file...