14 matches found
EUVD-2008-1380
Malware in sbrugna...
CVE-2022-24191
In HTMLDOC 1.9.14, an infinite loop in the gifreadlzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow...
Buffer overflow
In HTMLDOC 1.9.14, an infinite loop in the gifreadlzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow...
CVE-2022-24191
CVE-2022-24191 concerns HTMLDOC 1.9.14 where an infinite loop in the gif_read_lzw function can cause a pointer to an area of heap memory, resulting in a heap-based buffer overflow. Connected sources (Astra Linux bulletin) reiterate the same description without adding explicit patch details. No ex...
in michaelrsweet/htmldoc
Description In gifreadimage, in image.cxx, gifreadlzw might return a value greater than 255, which results in an out of bounds read, leading to denial of service. c typedef uchar gifcmapt2563; / ... / static int / I - 0 = success, -1 = failure / gifreadimageFILE fp, / I - Input file / imaget img,...
Mandriva Linux Security Advisory : cups (MDVSA-2011:147)
A vulnerability has been discovered and corrected in cups : The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary...
CUPS < 1.4.7 'gif_read_lzw' Buffer Overflow
According to its banner, the version of CUPS installed on the remote host is earlier than 1.4.7. There is a boundary error in the function 'gifreadlzw' in the file 'filter/image-gif.c' that can allow an attacker to cause a heap-based buffer overflow via specially crafted gif images. C Tenable...
CVE-2011-3170
The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...
DEBIAN-CVE-2011-3170
The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...
CVE-2011-3170
The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...
CVE-2011-3170
The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...
CVE-2011-3170
The gifreadlzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than...
DEBIAN-CVE-2008-1373
Buffer overflow in the gifreadlzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large codesize value, a similar issue to CVE-2006-4484...
CUPS gif_read_lzw()函数GIF文件处理缓冲区溢出漏洞
BUGTRAQ ID: 28544 CVECAN ID: CVE-2008-1373 Common Unix Printing System CUPS是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。 CUPS处理畸形格式的GIF文件时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 CUPS打印系统所使用的GIF解析代码直接从GIF图形中读取了codesize值,且没有经过验证便用于初始化gifreadlzw中的表格数组,这可能导致静态溢出。...