2178 matches found
ImageMagick Buffer Overflow Vulnerability (CNVD-2017-00075)
ImageMagick is an open source image viewing and editing tool for Unix/Linux platforms. ImageMagick suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of an affected application...
[SECURITY] [DSA 3746-1] graphicsmagick security update
Debian Security Advisory DSA-3746-1 [email protected] https://www.debian.org/security/ Luciano Bello December 24, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3746-1 (graphicsmagick - security update)
Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tools, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based...
FreeBSD : Pillow -- multiple vulnerabilities (bc4898d5-a794-11e6-b2d3-60a44ce6887b)
Pillow reports: Pillow prior to 3.3.2 may experience integer overflow errors in map.c when reading specially crafted image files. This may lead to memory disclosure or corruption. Pillow prior to 3.3.2 and PIL 1.1.7 at least do not check for negative image sizes in ImagingNew in Storage.c. A...
ImageMagick Denial of Service Vulnerability (CNVD-2016-11687)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. ImageMagick has a denial of service vulnerability that can be exploited by attackers to cause a denial of service...
CmsEasy front-end arbitrary code execution vulnerability
Source link: https://xianzhi.aliyun.com/forum/read/215.html Download the patch CmsEasyforUploads20161012.zip from the patch page http://www.cmseasy.cn/patch/show1116.html. Not many files were modified; a diff shows that in the patch the cutimageaction function at line 392 of lib/default/toolact.php is commented out. Take a look at this function: php /function...
PHP LibGD Stack Buffer Overflow Vulnerability
libGD is an open source library for dynamically creating images; it supports the creation of charts, graphs, thumbnails, and so on. PHP LibGD suffers from a stack buffer overflow vulnerability that allows remote attackers to submit special requests and conduct denial of service attacks...
[SECURITY] Fedora 23 Update: python-pillow-3.0.0-6.fc23
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel developme...
GraphicsMagick Heap Overflow Vulnerability
GraphicsMagick is the Swiss Army Knife of image processing. The short and compact code provides a robust and efficient collection of tools and libraries. GraphicsMagick WPG format reader fails to check if a color mapping table entry is greater than 256, leading to a potential heap overflow...
ImageMagick Denial of Service Vulnerability (CNVD-2016-08684)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. A denial of service vulnerability exists in ImageMagick, which can be exploited by attackers to cause a denial of service...
[SECURITY] Fedora 24 Update: python-pillow-3.2.0-3.fc24
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel developme...
GraphicsMagick Heap Buffer Overflow Vulnerability
GraphicsMagick is a simple set of image processing tools. A heap buffer overflow vulnerability exists in GraphicsMagick 8BIM/8BIMW, which could be exploited by an attacker to execute arbitrary script and code in the context of an affected program...
ALPINE-CVE-2016-3625
tifread.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image...
CVE-2016-3620
The ZIPEncode function in tifzip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image...
USN-3090-1: Pillow vulnerabilities
It was discovered that a flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed, potentially leading to a denial of service. (CVE-2014-9601) Andrew Drake discovered that Pillow incorrectly validated input. A remote attacker could use...
ImageMagick heap buffer overflow vulnerability (CNVD-2016-08167)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. ImageMagick suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause the...
[SECURITY] Fedora 23 Update: GraphicsMagick-1.3.25-1.fc23
GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...
[SECURITY] Fedora 24 Update: GraphicsMagick-1.3.25-1.fc24
GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...
[SECURITY] Fedora 25 Update: GraphicsMagick-1.3.25-1.fc25
GraphicsMagick is a comprehensive image processing package which is initially based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performance of the software...
CVE-2016-6291
Removed by vendor...