Lucene search
K

9 matches found

OSV
OSV
added 2021/07/31 11:3 a.m.4 views

OESA-2021-1288 optipng security update

Security Fixes: Off-by-one error in the bmprle4fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer...

9.3CVSS8.3AI score0.04426EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2016/04/19 12:0 a.m.31 views

Ubuntu 14.04 LTS : OptiPNG vulnerabilities (USN-2951-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2951-1 advisory. Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause...

9.3CVSS7.2AI score0.05383EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2016/04/19 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-2951-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.7AI score0.05383EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2016/04/18 12:0 a.m.26 views

openSUSE Security Update : optipng (openSUSE-2016-468)

optipng was updated to fix one security issue. This security issue was fixed : - CVE-2016-2191: Invalid write while processing bitmap images bsc973992. - CVE-2016-3981: Heap buffer overflow pngxrbmp.c bmpreadrows - CVE-2016-3982: Heap buffer overflow pngxrbmp.c bmprle4fread %NASLMINLEVEL 70300 C...

9.3CVSS7.2AI score0.04426EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2016/04/18 12:0 a.m.23 views

openSUSE Security Update : optipng (openSUSE-2016-469)

optipng was updated to fix one security issue. This security issue was fixed : - CVE-2016-2191: Invalid write while processing bitmap images bsc973992. - CVE-2016-3981: Heap buffer overflow pngxrbmp.c bmpreadrows - CVE-2016-3982: Heap buffer overflow pngxrbmp.c bmprle4fread %NASLMINLEVEL 70300 C...

9.3CVSS7.2AI score0.04426EPSS
Exploits2References4
OSV
OSV
added 2016/04/13 4:59 p.m.9 views

CVE-2016-3981

Heap-based buffer overflow in the bmpreadrows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file...

7.8CVSS9.1AI score
Exploits0References7
CVE
CVE
added 2016/04/13 4:0 p.m.104 views

CVE-2016-3981

OptiPNG (before 0.7.6) is affected by CVE-2016-3981 due to a heap-based overflow in bmp_read_rows (pngxrbmp.c), enabling potential out-of-bounds access and possible code execution or crash.iva Attack vector: crafted image file; impact: DoS or code execution. Mitigation: upgrade to OptiPNG 0.7.6+ ...

9.3CVSS8.6AI score0.04426EPSS
Exploits1References7Affected Software1
UbuntuCve
UbuntuCve
added 2016/04/13 12:0 a.m.24 views

CVE-2016-3981

Heap-based buffer overflow in the bmpreadrows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file...

9.3CVSS7.4AI score0.04426EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2016/04/07 12:0 a.m.29 views

Debian Security Advisory DSA 3546-1 (optipng - security update)

Hans Jerry Illikainen discovered that missing input sanitising in the BMP processing code of the optipng PNG optimiser may result in denial of service or the execution of arbitrary code if a malformed file is processed. OpenVAS Vulnerability Test $Id: deb3546.nasl 6608 2017-07-07 12:05:05Z cfisch...

9.3CVSS0.1AI score0.05383EPSS
Exploits3References1
Rows per page
Query Builder