Multi Purpose Fuzzer: zzuf

Multi Purpose Fuzzer zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data which more than often comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random...

Multiple image viewers multiple security vulnerabilities

Multiple buffer overflows on BPM, TIFF, XPM, CLP, PSP, RAS, IFF, PNG images parsing...

Several Windows image viewers vulnerabilities

I made a small research covering security of several Windows offline image viewers. Although, when discussing security of image viewing software, web browsers are usually implied, since they will be on the 'front lines' in the unsafe environment such as the Internet, this research lists several...

fbida: Arbitrary command execution

Background fbida is a collection of image viewers and editors for the framebuffer console and X11. fbgs is a PostScript and PDF viewer for the linux framebuffer console. Description Toth Andras has discovered a typographic mistake in the "fbgs" script, shipped with fbida if the "fbcon" and "pdf"...

Mandrake Linux Security Advisory : qt3 (MDKSA-2004:085)

Chris Evans discovered a heap-based overflow in the QT library when handling 8-bit RLE encoded BMP files. This vulnerability could allow for the compromise of the account used to view or browse malicious BMP files. On subsequent investigation, it was also found that the handlers for XPM, GIF, and...