Out-of-bounds

The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images...

CVE-2018-7264

The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images...

CVE-2018-7264

The CVE-2018-7264 entry concerns the ActivePDF Toolkit’s embedded Pictview image processing library. The vulnerability description in the documents states multiple out-of-bounds write and sign errors allowing a remote attacker to execute arbitrary code when processing untrusted images, affecting ...

ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions Exploit

Exploit for windows platform in category dos / poc ActivePDF Toolkit 8.1.0 multiple RCE Introduction ============ The ActivePDF Toolkit is a Windows library which enhances business processes to stamp, stitch, merge, form-fill, add digital signatures, barcodes to PDF. Both .NET and native APIs are...

CVE-2018-4909

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of...

CVE-2018-4879

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image...

Leptonica Bypasses File Restriction Vulnerability

Leptonica is an open source system for image processing and image analysis applications. A security vulnerability exists in Leptonica version 1.74.4. A local attacker can exploit the vulnerability to bypass file restrictions...

ActivePDF Toolkit Code Execution

ActivePDF Toolkit 8.1.0 multiple RCE Introduction ============ The ActivePDF Toolkit is a Windows library which enhances business processes to stamp, stitch, merge, form-fill, add digital signatures, barcodes to PDF. Both .NET and native APIs are provided. Amongst many other operations, this...

Leptonica 'gplotMakeOutput' Function Command Injection Vulnerability

Leptonica is an open source system for image processing and image analysis applications. A security vulnerability exists in the 'gplotMakeOutput' function in Leptonica 1.75.3 and earlier versions. An attacker can exploit the vulnerability to inject commands...

[SECURITY] Fedora 27 Update: GraphicsMagick-1.3.28-1.fc27

GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software...

[SECURITY] Fedora 26 Update: GraphicsMagick-1.3.28-1.fc26

GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software...

[SECURITY] [DLA 1260-1] tiff3 security update

Package : tiff3 Version : 3.9.6-11+deb7u9 CVE ID : CVE-2017-18013 Debian Bug : 885985 A vulnerability has been discovered in the libtiff image processing library which may result in an application crash and denial of service. CVE-2017-18013 NULL pointer dereference via crafted TIFF image For Debi...

[SECURITY] [DLA 1259-1] tiff security update

Package : tiff Version : 4.0.2-6+deb7u18 CVE ID : CVE-2017-18013 Debian Bug : 885985 A vulnerability has been discovered in the libtiff image processing library which may result in an application crash and denial of service. CVE-2017-18013 NULL pointer dereference via crafted TIFF image For Debia...

[SECURITY] [DLA 1245-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u17 CVE ID : CVE-2018-5685 Debian Bug : 887158 A vulnerability has been discovered in GraphicsMagick, a collection of image processing tools, which may result in a denial of service. CVE-2018-5685: An infinite loop and application hang has been...

ImageMagick 'EncodeImageAttributes' function memory leak vulnerability

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the 'EncodeImageAttributes' function of the coders/json.c file in ImageMagick...

Debian DSA-4074-1 : imagemagick - security update

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed. %NASLMINLEVEL 70300 C Tenabl...

UBUNTU-CVE-2017-17914

In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service ReadOneMNGImage large loop via a crafted mng image file...

CVE-2017-17501

WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file...

CVE-2017-16401

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

Design/Logic Flaw

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...