USN-8057-1: GIMP vulnerabilities

Hanno Böck discovered that GIMP allocated FLI images using only the information present in the file header, which allowed for a maliciously- crafted file to cause out-of-bounds writes. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue onl...

CVE-2025-2761

GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...

CVE-2021-33660

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

Autodesk Design Review FLI Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SUSE-SU-2016:1569-1 Security update for python-Pillow

This update for python-Pillow fixes the following security issues: CVE-2016-0775: Fixed a buffer overflow in FliDecode.c causing a segfault when opening FLI files. bsc965582 CVE-2016-0740: Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening...

SUSE-SU-2016:1355-1 Security update for python-Pillow

This update for python-Pillow fixes the following security issues: CVE-2016-0775: Fixed a buffer overflow in FliDecode.c causing a segfault when opening FLI files. bsc965582 CVE-2016-0740: Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening...

SUSE-SU-2016:0935-1 Security update for python-Pillow

This update for python-Pillow fixes the following security issues: CVE-2016-0775: Fixed a buffer overflow in FliDecode.c causing a segfault when opening FLI files. bsc965582 CVE-2016-0740: Fixed a buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening...

SUSE-SU-2016:0924-1 Security update for python-Pillow

This update for python-Pillow fixes the following security issues: Fixed an integer overflow in Resample.c causing writes in the Python heap. Fixed a buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files. CVE-2016-TBD Fixed a buffer overflow in FliDecode.c causing a segfaul...

openSUSE Security Update : python-Pillow (openSUSE-2016-339)

This update for python-Pillow fixes the following issues : - backport security fixes from 3.1.1 Pillow-overflows.patch : - Fixed an integer overflow in Resample.c causing writes in the Python heap. - Fixed a buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files. CVE-2016-TB...

Updated python-pillow packages fix security vulnerability

A buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF file CVE-2016-0740. A buffer overflow in FliDecode.c causing a segfault when opening FLI files CVE-2016-0775. A buffer overflow in PcdDecode.c causing a segfault...

Autodesk Design Review FLI RLE Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Media Player Classic 6.4.9 - FLI File Remote Buffer Overflow

Media Player Classic 6.4.9 - FLI File Remote Buffer Overflow source: https://www.securityfocus.com/bid/25437/info Media Player Classic is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data. Attackers may attempt to exploit this issue...