SQL VSS writer fails for SQL localdb on Azure AD Connect Sync server.

Challenge Backup or replication jobs with Application Aware Image-Processing enabled may fail on the server hosting Azure AD Connect Sync with an error indicating the SQL writer has failed. After the job has failed, running "Vssadmin list writers" from an administrative command prompt on the Azur...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GD vulnerabilities (USN-3900-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3900-1 advisory. It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with ...

USN-3900-1: GD vulnerabilities

It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with a specially crafted image file to cause GD to crash, resulting in a denial of service, or possibly execute arbitrary code...

PYSEC-2019-248

An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

AdvanceCOMP Invalid Memory Access Vulnerability

AdvanceCOMP is a set of cross-platform command-line data compression tools. An invalid memory access vulnerability exists in the advpngunfilter8 function in png.c in AdvanceCOMP 2.1. An attacker can exploit this vulnerability to cause a denial of service segmentation error or possibly other impac...

TAU Threat Intelligence Notification: Spear Phishing Targeting Italy

Summary This campaign is targeting users in Italy with spear phishing email containing malicious attachments. Figure 1: Emails with the malicious XLS attachment The image above show one of the sample has attached in multiple email that has been sent to email address with Italy ccTLD. The attached...

Out-of-bounds

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and...

CVE-2018-3973

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and...

ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

Security Advisory - Memory Double Free Vulnerability in Image Processing Module of Some Huawei Smart Phones

The image processing module of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash. Vulnerability ID: HWPSIRT-2018-110...

CVE-2019-6976

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image...

Memory Corruption Vulnerability in NexusImage Processing of BMP Images

NexusImage is an image viewer. NexusImage suffers from a memory corruption vulnerability when processing BMP images, which can be exploited by an attacker to crash the program by constructing malformed BMP images...

[SECURITY] Fedora 29 Update: leptonica-1.77.0-1.fc29

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

[SECURITY] Fedora 28 Update: leptonica-1.77.0-1.fc28

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

[SECURITY] [DLA 1619-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u5 CVE ID : CVE-2018-20184 CVE-2018-20185 CVE-2018-20189 Debian Bug : 916752 916719 916721 Multiple vulnerabilities have been found in GraphicsMagick, the image processing system. CVE-2018-20184 The WriteTGAImage function tga.c is affected by a...

Debian: Security Advisory (DLA-1619-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibRaw 'unpacked_load_raw()' Function Denial of Service Vulnerability

LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A denial of service vulnerability exists in the LibRaw 'unpackedloadraw' function. An attacker can exploit the vulnerability to cause a DoS Denial of Service...

UBUNTU-CVE-2018-18498

A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, and Firefox 64...

ImageMagick Denial of Service Vulnerability (CNVD-2018-26703)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the 'WritePDBImage' function in the coders/pdb.c file in ImageMagick version...

ghostscript sandbox bypass remote command execution vulnerability alerts-a vulnerability alert-the black bar safety net

! 0x00 vulnerability background 11 on the 21st, Semmle team of security researchers Man Yue Mo by semmle website, once again that ghostscript security sandbox can be bypassed by constructing a malicious PDF content that can cause remote command execution. ghostscript is widely used, ImageMagick,...