PictBear Buffer Overflow Vulnerability

PictBear is image processing software for general users, known as the simple version of PHOTOSHOP. A buffer overflow vulnerability exists in the impBmp.ppi module of the software, which allows an attacker to exploit the vulnerability to construct a malformed BMP image that can lead to flooding of...

[SECURITY] Fedora 22 Update: GraphicsMagick-1.3.23-1.fc22

GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software...

Python Pillow and PIL 'PcdDecode.c' Local Buffer Overflow Vulnerability

PIL Python Image Library is a Python image processing library developed by Swiss software developer Fredrik Lundh. Python Pillow is a compiled version of PIL with some bug fixes developed by American software developer Alex Clark. A local buffer overflow vulnerability exists in Python Pillow...

[SECURITY] Fedora 22 Update: python-pillow-2.8.2-4.fc22

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

[SECURITY] Fedora 23 Update: python-pillow-3.0.0-2.fc23

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt , devel developme...

Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow (PoC)

!/usr/bin/env python Baumer VeriSens Application Suite 2.6.2 Buffer Overflow Vulnerability Vendor: Baumer Holding AG | Baumer Optronic GmbH Product web page: http://www.baumer.com Software link:...

libpng: Out-of-bounds read in png_convert_to_rfc1123

An array-indexing error was discovered in the pngconverttorfc1123 function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image...

Hornil's Multiple Products Address TGA Image Memory Corruption Vulnerability

Hornil is a South Korean software company.Hornil StylePix is a photo editing software.Hornil Photo Viewer is a lightweight image viewer window.... A memory corruption vulnerability exists in this class of tools when processing TGA images. The vulnerability allows an attacker to construct a...

Picture Window Pro Handles BMP Images Multiple Memory Corruption Vulnerabilities

Picture Window Pro is an image processing software. Multiple memory corruption vulnerabilities exist in the tool's handling of the BMP format, which can be exploited by attackers to construct malformed BMP images and crash the program. Successful exploitation could lead to arbitrary code executio...

Picture Window Pro Handles Multiple Memory Corruption Vulnerabilities in PCX Pictures

Picture Window Pro is an image processing software. Multiple memory corruption vulnerabilities exist when dealing with the PCX format, which can be exploited by attackers to construct malformed PCX images and crash the program. Successful exploitation could lead to arbitrary code execution...

libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions

It was discovered that the pnggetPLTE and pngsetPLTE functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer...

CVE-2015-6773

The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via crafted graphics data...

Linux kernel Direct Rendering Manager subsystem denial of service vulnerability

Linux kernel is an open source operating system. The Linux kernel's Direct Rendering Manager DRM subsystem fails to properly handle requests for Graphics Execution Manager GEM objects, which can be exploited by a local attacker to conduct a denial of service attack using applications that process...

[SECURITY] Fedora 22 Update: rawstudio-2.1-0.1.20150511git983bda1.fc22

Rawstudio is a highly specialized application for processing RAW images from digital cameras. It is not a fully featured image editing application. The RAW format is often recommended to get the best quality out of digital camera images. The format is specific to cameras and cannot be read by mos...

[SECURITY] Fedora 21 Update: rawstudio-2.1-0.1.20150511git983bda1.fc21

Rawstudio is a highly specialized application for processing RAW images from digital cameras. It is not a fully featured image editing application. The RAW format is often recommended to get the best quality out of digital camera images. The format is specific to cameras and cannot be read by mos...

WideImage Cross-Site Scripting Vulnerability

WideImage is an open source for image processing object-oriented PHP library . A cross-site scripting vulnerability exists in WideImage 11.02.19, which allows remote attackers to inject arbitrary web script or HTML via the matrix parameter of demo/indexphp...

Apple iO Disk Image Processing Information Disclosure Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of disk files that allows attackers to build malicious applications and gain access to the kernel layout...

A year later, Yahoo finally fixes the SSRF vulnerability-vulnerability warning-the black bar safety net

! After a lapse of a year later, Yahoo finally fixes the image processing system of the SSRF service end request forgery）vulnerabilities. SSRF service end request forgery）vulnerability, also known as XSPA（cross-site port attacks, the problem exists in the application program loading the user...

[SECURITY] Fedora 22 Update: rawtherapee-4.2-9.fc22

Rawtherapee is a RAW image processing software. It gives full control over many parameters to enhance the raw picture before finally exporting it to some common image format...

Pillow Jpeg2KImagePlugin Plugin Denial of Service Vulnerability

Python Image Library PIL is a Python image processing library developed by Swiss software developer Fredrik Lundh. Pillow is a compiled version of PIL with some bug fixes developed by American software developer Alex Clark, and Jpeg2KImage is one of the image processing plugins. Jpeg2KImage is on...