PT-2022-25101 · Samsung · Samsung Decoding Library

Name of the Vulnerable Software and Affected Versions: Samsung decoding library versions prior to SMR Dec-2022 Release 1 Description: The issue is related to a TOCTOU vulnerability in the Samsung decoding library for video thumbnails, which allows a local attacker to perform an Out-Of-Bounds Writ...

SAMSUNG Mobile devices 输入验证错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Dec-2022 Release 1, which stems from an integer overflow vulnerability in the...

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVE-2022-39908

CVE-2022-39908 affects Samsung decoding library used for video thumbnails on Samsung Mobile devices prior to SMR Dec-2022 Release 1. The root cause is a TOCTOU condition enabling a local attacker to perform an Out-Of-Bounds Write. Affected component: Samsung decoding library for video thumbnails;...

PT-2022-25100 · Samsung · Samsung Decoding Library

Name of the Vulnerable Software and Affected Versions: Samsung decoding library versions prior to SMR Dec-2022 Release 1 Description: The issue is related to an integer overflow in the Samsung decoding library, specifically affecting the handling of video thumbnails. This allows a local attacker ...

The vulnerability of the de265_image::available_zscan function in the h.265 Libde265 implementation allows a attacker to cause a service failure.

The vulnerability of the de265image::availablezscan function in the h.265 Libde265 implementation is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...

Integer overflow

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to unchecked arithmetic...

UBUNTU-CVE-2021-21853

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a heap-based buffer overflo...

DEBIAN-CVE-2021-21860

An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption...

Libwebp Resource Management Error Vulnerability

Libwebp is a WebP image format encoding and decoding library . A resource management error vulnerability exists in libwebpmux in Libwebp version 0.5.1. The vulnerability arises from mismanagement of system resources e.g., memory, disk space, files, etc. by a network system or product. No detailed...

PT-2017-18299 · Underbit Technologies +1 · Libmad +1

Name of the Vulnerable Software and Affected Versions: libmad version 0.15.1b Description: The issue allows remote attackers to cause a denial of service, which can lead to a heap-based buffer overflow and application crash, or possibly have other unspecified impacts. This is achieved through a...

UBUNTU-CVE-2017-7976

Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2imagecompose function in jbig2image.c during operations on a crafted .jb2 file, leading to a denial of service application crash or disclosure of sensitive information from process memory...

Libnsgif 0.1.2 Stack Overflow / Out-Of-Bounds Read Exploit

Libnsgif version 0.1.2 suffers from stack overflow and out-of-bounds read vulnerabilities. Overview ======== Libnsgif1 is a decoding library for GIF images. It is primarily developed and used as part of the NetSurf project. As of version 0.1.2, libnsgif is vulnerable to a stack overflow...

DEBIAN-CVE-2011-4364

Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service crash and possibly...

Mandriva Linux Security Advisory : ghostscript (MDVSA-2009:311)

Multiple security vulnerabilities has been identified and fixed in ghostscript : A buffer underflow in Ghostscript's CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file CVE-2007-6725. Buffer overflow in...

Ghostscript Multiple Buffer Overflow Vulnerabilities (Windows)

This host is installed with Ghostscript and is prone to Buffer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: secpodghostscriptmultbofvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ Ghostscript Multiple Buffer Overflow Vulnerabilities Windows. Authors: Nikita MR Copyright: Copyright c 20...

Mandriva Linux Security Advisory : ghostscript (MDVSA-2009:095)

A buffer underflow in Ghostscript's CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file CVE-2007-6725. Buffer overflow in Ghostscript's BaseFont writer module allows remote attackers to cause a denial of service...

CVE-2009-0196

Heap-based buffer overflow in the big2decodesymboldict function jbig2symboldict.c in the JBIG2 decoding library jbig2dec in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run...

CVE-2004-0699

CVE-2004-0699 describes a heap-based buffer overflow in the ASN.1 decoding library used by Check Point VPN-1 products when Aggressive Mode IKE is enabled. The root cause is a vulnerability in ASN.1 decoding that can be triggered by sending a malformed IKE packet after initiating a negotiation, al...