CVE-2018-3973

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and...

ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

Security Advisory - Memory Double Free Vulnerability in Image Processing Module of Some Huawei Smart Phones

The image processing module of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash. Vulnerability ID: HWPSIRT-2018-110...

CVE-2019-6976

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image...

Memory Corruption Vulnerability in NexusImage Processing of BMP Images

NexusImage is an image viewer. NexusImage suffers from a memory corruption vulnerability when processing BMP images, which can be exploited by an attacker to crash the program by constructing malformed BMP images...

[SECURITY] Fedora 29 Update: leptonica-1.77.0-1.fc29

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

[SECURITY] Fedora 28 Update: leptonica-1.77.0-1.fc28

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

[SECURITY] [DLA 1619-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u5 CVE ID : CVE-2018-20184 CVE-2018-20185 CVE-2018-20189 Debian Bug : 916752 916719 916721 Multiple vulnerabilities have been found in GraphicsMagick, the image processing system. CVE-2018-20184 The WriteTGAImage function tga.c is affected by a...

Debian: Security Advisory (DLA-1619-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibRaw 'unpacked_load_raw()' Function Denial of Service Vulnerability

LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A denial of service vulnerability exists in the LibRaw 'unpackedloadraw' function. An attacker can exploit the vulnerability to cause a DoS Denial of Service...

UBUNTU-CVE-2018-18498

A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, and Firefox 64...

ImageMagick Denial of Service Vulnerability (CNVD-2018-26703)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the 'WritePDBImage' function in the coders/pdb.c file in ImageMagick version...

ghostscript sandbox bypass remote command execution vulnerability alerts-a vulnerability alert-the black bar safety net

! 0x00 vulnerability background 11 on the 21st, Semmle team of security researchers Man Yue Mo by semmle website, once again that ghostscript security sandbox can be bypassed by constructing a malicious PDF content that can cause remote command execution. ghostscript is widely used, ImageMagick,...

Simple DirectMedia Layer SDL2_Image do_layer_surface code execution vulnerability

Summary An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...

LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp

An out-of-bounds read flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images...

[SECURITY] Fedora 28 Update: CImg-2.3.6-1.fc28

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

[SECURITY] Fedora 29 Update: CImg-2.3.6-1.fc29

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

[SECURITY] Fedora 27 Update: gmic-2.3.6-1.fc27

G'MIC is an open and full-featured framework for image processing, providing several different user interfaces to convert/manipulate/filter/visualize generic image datasets, from 1d scalar signals to 3d+t sequences of multi-spectral volumetric images...

[SECURITY] Fedora 27 Update: CImg-2.3.6-1.fc27

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

The vulnerability of the Windows operating system, related to errors in image processing, allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system is related to errors in processing image files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted image file from a remote location...