310 matches found
DEBIAN-CVE-2018-6612
An integer underflow bug in the processEXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact...
UBUNTU-CVE-2017-17942
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tifpackbits.c...
CVE-2017-17782
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation...
CVE-2017-17787
In GIMP 2.8.22, there is a heap-based buffer over-read in readcreatorblock in plug-ins/common/file-psp.c...
CVE-2017-11116
The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted jpg file...
DEBIAN-CVE-2017-11569
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights parsettf.c resulting in DoS or code execution via a crafted otf file...
DEBIAN-CVE-2017-11568
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines psread.c resulting in DoS or code execution via a crafted otf file...
DEBIAN-CVE-2017-11535
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage function in coders/ps.c...
UBUNTU-CVE-2017-11568
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines psread.c resulting in DoS or code execution via a crafted otf file...
UBUNTU-CVE-2015-9101
The fillbufferresample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...
ytnef denial of service vulnerability (CNVD-2017-09343)
ytnef is an application library for extracting data from winmail.dat files. A denial of service vulnerability exists in the 'DecompressRTF' function in the lib/ytnef.c file in ytnef version 1.9.2. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer...
UBUNTU-CVE-2017-9164
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GETCOLOR function in color.c:16:11...
UBUNTU-CVE-2017-9152
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnmloadraw function in input-pnm.c:346:41...
PoDoFo Denial of Service Vulnerability (CNVD-2017-07617)
PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in the 'PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry' function in the base/PdfXRefStreamParserObject.cpp file in PoDoFo version 0.9.5. ' function is vulnerable to a...
libcroco 'cr_input_new_from_uri' function denial of service vulnerability
libcroco is a CSS2 parsing library. A security vulnerability exists in the 'crinputnewfromuri' function in the cr-input.c file in libcroco versions 0.6.11 and 0.6.12. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer out-of-bounds read with the help of a...
UBUNTU-CVE-2017-6960
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the loadapng function and the imagesize variable...
PT-2017-17427 · Apng2Gif +1 · Apng2Gif +1
Name of the Vulnerable Software and Affected Versions: apng2gif version 1.7 Description: An issue was discovered related to an integer overflow, resulting in a heap-based buffer over-read. This issue is connected to the load apng function and the imagesize variable. Recommendations: For apng2gif...
DEBIAN-CVE-2016-9480
libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarfutil.c component, aka DW201611-006...
SUSE SLES11 Security Update : libxml2 (SUSE-SU-2016:1604-1)
This update for libxml2 fixes the following security issues : - CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread was fixed in libxml2/dict.c bsc963963, bsc965283, bsc981114. - CVE-2016-4483: Code was added to avoid an out of bound access when serializing malformed strings...
SUSE-SU-2016:1538-1 Security update for libxml2
This update for libxml2 fixes the following security issues: - CVE-2016-2073, CVE-2015-8806, CVE-2016-1839: A Heap-buffer overread was fixed in libxml2/dict.c bsc963963, bsc965283, bsc981114. - CVE-2016-4483: Code was added to avoid an out of bound access when serializing malformed strings...