20 matches found
CVE-2026-2272 Gimp: gimp: memory corruption due to integer overflow in ico file handling
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the icoreadinfo and icoreadicon functions. This issue arises because a size calculation for image buffers can wrap around due to a 32-bit integer evaluation, allowing oversized imag...
EUVD-2018-7054
Malware in sbrugna...
CVE-2020-23889
A User Mode Write AV starting at Editor!TMethodImplementationIntercept+0x4189c6 of WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted ico file...
SUSE CVE-2020-24292
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 r1859 allows remote attackers to run arbitrary code via opening of crafted ico file...
CVE-2020-24292
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 r1859 allows remote attackers to run arbitrary code via opening of crafted ico file...
Buffer overflow
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 r1859 allows remote attackers to run arbitrary code via opening of crafted ico file...
CVE-2020-23889
A User Mode Write AV starting at Editor!TMethodImplementationIntercept+0x4189c6 of WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted ico file...
CVE-2020-23889
A User Mode Write AV starting at Editor!TMethodImplementationIntercept+0x4189c6 of WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted ico file...
Design/Logic Flaw
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service DoS via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33...
CVE-2020-23889
WildBit Viewer vulnerability CVE-2020-23889 affects version 6.6. A Type: user-mode write access violation arises from Editor!TMethodImplementationIntercept+0x4189c6 when processing a crafted ICO file, leading to a denial of service. The report(s) in multiple feeds (NVD, Red Hat, CNVD, CNVD-derive...
CVE-2020-23887
XnView MP v0.96.4 is affected by a heap-based buffer overflow that can be triggered by a crafted ICO file, leading to a denial of service. The issue is described as a Read Access Violation beginning at USER32!SmartStretchDIBits+0x33. Connected sources confirm the vulnerability in XnView MP, but d...
CVE-2020-6082
An exploitable out-of-bounds write vulnerability exists in the icoread function of the igcore19d.dll library of Accusoft ImageGear 19.6.0. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the vict...
CVE-2018-15174
XnView 2.45 allows remote attackers to cause a denial of service Read Access Violation at the Instruction Pointer and application crash or possibly have unspecified other impact via a crafted ICO file...
Design/Logic Flaw
XnView 2.45 allows remote attackers to cause a denial of service Read Access Violation at the Instruction Pointer and application crash or possibly have unspecified other impact via a crafted ICO file...
CVE-2017-6313
Integer underflow in the loadresources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service out-of-bounds read and program crash via a crafted image entry size in an ICO file...
CVE-2017-6313
Integer underflow in the loadresources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service out-of-bounds read and program crash via a crafted image entry size in an ICO file...
ALPINE-CVE-2016-9811
The windowsicontypefind function in gst-plugins-base in GStreamer before 1.10.2, when GSLICE is set to always-malloc, allows remote attackers to cause a denial of service out-of-bounds read via a crafted ico file...
CVE-2016-9811
The windowsicontypefind function in gst-plugins-base in GStreamer before 1.10.2, when GSLICE is set to always-malloc, allows remote attackers to cause a denial of service out-of-bounds read via a crafted ico file...
CVE-2008-4327
gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly handle crafted .ico files, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a certain crash.ico file on a web site, and allows user-assisted attackers to cause a denial of...
security flaw
Integer overflow in the ICO image decoder for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted ICO file...