2222 matches found
CVE-2007-4314
pixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service...
CVE-2007-4198
The fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sleuth Kit (TSK) before 2.09 does not validate a certain length value, which allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image,...
[SECURITY] Fedora 7 Update: GraphicsMagick-1.1.8-2.fc7
GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...
CVE-2007-3794
CVE-2007-3794 is a concrete buffer overflow vulnerability affecting Hitachi Cosminexus components (Cosminexus V4 through V7, Processing Kit for XML, Developer’s Kit for Java) and third‑party software using this stack. The issue arises when processing GIF images via image‑processing APIs in a Java...
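ImLib Library LoadBMP Function Denial of Service Vulnerability
BUGTRAQ ID: 24750 Imlib is an image-viewing application library used in the Gnome graphical user environment. Imlib has a vulnerability when processing malformed BMP image files; an attacker may exploit it to send applications that use the library into an infinite loop. The LoadBMP function of the Imlib library reads the BPP value from the BMP file and uses it to determine how many bits to read at each step of the main file-processing loop, but the following line does not correctly detect the invalid value 0x0000: if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32) fprintf(stderr, "IMLIB ERROR: unknown...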
USN-480-1: Gimp vulnerability
Stefan Cornelius discovered that Gimp could miscalculate the size of heap buffers when processing PSD images. By tricking a user into opening a specially crafted PSD file with Gimp, an attacker could exploit this to execute arbitrary code with the user's privileges...
Mandrake Linux Security Advisory : emacs (MDKSA-2007:133)
A vulnerability in emacs was discovered where it would crash when processing certain types of images. Updated packages have been patched to prevent this issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake...
GNU emacs DoS
Crash on images processing...
[SECURITY] [DSA 1316-1] New emacs21 packages fix denial of service
Debian Security Advisory dsa-1316 http://www.debian.org/security/ Steve Kemp June 21, 2007 Package : emacs21 21.4a+1-3etch1...
DSA-1316-1 emacs21
Bulletin has no description...
GLSA-200705-24 : libpng: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200705-24 (libpng: Denial of Service). Mats Palmgren fixed an error in file pngrutil.c in which the trans array might not be allocated because of images with a bad tRNS chunk CRC value. Impact: A remote attacker could craft an image...
DEBIAN-CVE-2007-2756
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng...
SUSE-SA:2006:063: Qt
The remote host is missing the patch for the advisory SUSE-SA:2006:063 Qt. Multiple integer overflows have been found in image processing functions within the Qt class library, used for instance by the web browser 'konqueror' and its rendering engine 'khtml'. These problems could potentially lead...
Sun Microsystems Java GIF image processing buffer overflow
Overview: A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description: The Sun Java Runtime Environment (JRE) allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
Imlib2 -- multiple image file processing vulnerabilities
Secunia reports: Some vulnerabilities have been reported in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. The vulnerabilities are caused due to unspecified errors within the processing of JPG, ARGB,...
CVE-2006-4066
The CVE-2006-4066 entry affects the Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2. The vulnerability allows context-dependent attackers to cause a denial of service (application crash) by feeding images that trigger a divide-by-zero error, demonstrated via an I...
CentOS 3 : PHP (CESA-2005:405)
Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...
On the QQ upgrade custom emoticons vulnerability-vulnerability warning-the black bar safety net
QQ2006 New Year Edition SP2 Fix Windows XP not playing MS04-028 overflow vulnerability patch case the presence of security issues QQ requires the upgrade How to use this? First, we have to make the picture of the Trojans! Tool a lot of their own to go to baidu to find! I have always advocated i...
Intel Graphics Accelerator Driver - Remote Denial of Service
source: https://www.securityfocus.com/bid/16127/info The Intel Graphics Accelerator driver is susceptible to a remote denial of service vulnerability. This issue is demonstrated to occur when the affected driver attempts to display an overly long text in a text area. This issue allows attackers t...
Inkscape 0.41/0.42 - '.SVG' Image Buffer Overflow
source: https://www.securityfocus.com/bid/15507/info Inkscape is prone to a buffer overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before copying it into a finite sized buffer. When the application processes a malformed...