Microsoft Office Graphics Remote Code Execution Vulnerability

...

CVE-2018-12152

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 aka 15.33.x.5056, 10.18.x.5057 aka 15.36.x.5057 and 20.19.x.5058 aka 15.40.x.5058 may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access...

Remote code execution using malformed PNG image — Mozilla

OUSPG researcher Aki Helin reported a buffer overflow in Mozilla graphics code which consumes image data processed by libpng. A malformed PNG file could be created which would cause libpng to incorrectly report the size of the image to downstream consumers. When the dimensions of such images are...

Crash with malformed GIF file on Mac OS X — Mozilla

Drew Yao of Apple Product Security reported a vulnerability in Mozilla graphics code which handles GIF rendering in Mac OS X. He demonstrated that a GIF file could be specially crafted to cause the browser to free an uninitialized pointer. An attacker could use this vulnerability to crash the...