130 matches found
DEBIAN-CVE-2018-12600
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file...
Denial Of Service (DoS) Through Memory Leak
ImageMagick is vulnerable to denial of service DoS attacks. Leveraging a flaw in the ReadDIBImage function, attackers can pass a dib file to the application to cause memory leaks...
DEBIAN-CVE-2014-9845
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service crash via a corrupted dib file...
Design/Logic Flaw
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service crash via a corrupted dib file...
CVE-2014-9845
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service crash via a corrupted dib file...
Windows gdi32.dll heap-based out-of-bounds reads / memory disclosure (CVE-2017-0038)
In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library gdi32.dll. As a quick reminder, the DIB-embedding records follow a common scheme: they include four fields, spots denotin...
DIB MOBILE - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application DIB MOBILE published at the 'play' market has multiple vulnerabilities...
Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Read
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple records which deal with DIBs Device Independent Bitmaps. Examples of such...
Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds ReadsMemory Disclosure (MS16-074)
Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds ReadsMemory Disclosure MS16-074 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple...
Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple records which deal with DIBs Device Independent Bitmaps. Examples of such records are EMRALPHABLEND, EMRBITBLT, EMRMASKBLT,...
dib-france.fr XSS vulnerability
Vulnerable URL: http://www.dib-france.fr/info.php?RuNum=5--%21%3E%27%3E%20%3C/form%3E%3Cscript%3Ealert%22OPENBUGBOUNTY%22;%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 10:00 GMT Vulnerability type:| XSS Vulnerability status:|...
Fedora 20 : qt3-3.3.8b-62.fc20 (2015-2901)
This update fixes CVE-2015-0295, a division by zero when loading some specific invalid BMP/DIB image files, which could be exploited for denial of service application crash attacks. The security patch is backported from Qt 4. Note that Tenable Network Security has extracted the preceding...
CVE-2014-9845
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service crash via a corrupted dib file...
UBUNTU-CVE-2014-9845
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service crash via a corrupted dib file...
Heap overflow
Heap-based buffer overflow in IrfanView before 4.33 allows remote attackers to execute arbitrary code via a crafted RLE compressed bitmap file such as a DIB, RLE, or BMP image...
Mandriva Linux Security Advisory : ImageMagick (MDVSA-2008:035)
Multiple vulnerabilities were discovered in the image decoders of ImageMagick. If a user or automated system were tricked into processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote attacker could execute arbitrary code with user privileges. The updated packages have been patched to...
Mandriva Update for ImageMagick MDVSA-2008:035 (ImageMagick)
Check for the Version of ImageMagick OpenVAS Vulnerability Test Mandriva Update for ImageMagick MDVSA-2008:035 ImageMagick Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CentOS Update for ImageMagick CESA-2008:0145 centos4 i386
Check for the Version of ImageMagick OpenVAS Vulnerability Test CentOS Update for ImageMagick CESA-2008:0145 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
RHEL 3 / 4 / 5 : ImageMagick (RHSA-2008:0145)
Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagick is an image display and manipulation tool for the...
ImageMagick security update
CentOS Errata and Security Advisory CESA-2008:0145 Updated ImageMagick packages that correct several security issues are now available for Red Hat Enterprise Linux versions 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ImageMagic...