2177 matches found
USN-480-1: Gimp vulnerability
Stefan Cornelius discovered that Gimp could miscalculate the size of heap buffers when processing PSD images. By tricking a user into opening a specially crafted PSD file with Gimp, an attacker could exploit this to execute arbitrary code with the user's privileges...
Mandrake Linux Security Advisory : emacs (MDKSA-2007:133)
A vulnerability in emacs was discovered where it would crash when processing certain types of images. Updated packages have been patched to prevent this issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandrake...
GNU emacs DoS
Crash on images processing...
[SECURITY] [DSA 1316-1] New emacs21 packages fix denial of service
Debian Security Advisory dsa-1316 [email protected] http://www.debian.org/security/ Steve Kemp June 21, 2007 Package : emacs21 21.4a+1-3etch1...
DSA-1316-1 emacs21
Bulletin has no description...
GLSA-200705-24 : libpng: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200705-24 (libpng: Denial of Service). Mats Palmgren fixed an error in file pngrutil.c in which the trans array might not be allocated because of images with a bad tRNS chunk CRC value. Impact: A remote attacker could craft an image...
DEBIAN-CVE-2007-2756
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng...
SUSE-SA:2006:063: Qt
The remote host is missing the patch for the advisory SUSE-SA:2006:063 (Qt). Multiple integer overflows have been found in image processing functions within the Qt class library, used for instance by the web browser 'konqueror' and its rendering engine 'khtml'. These problems could potentially lead...
Sun Microsystems Java GIF image processing buffer overflow
Overview: A vulnerability in the Sun Java Runtime Environment may allow an attacker to execute arbitrary code on a vulnerable system. Description: The Sun Java Runtime Environment (JRE) allows users to run Java applications in a browser or as standalone programs. Sun has made the JRE available for...
Imlib2 -- multiple image file processing vulnerabilities
Secunia reports: Some vulnerabilities have been reported in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. The vulnerabilities are caused due to unspecified errors within the processing of JPG, ARGB,...
CVE-2006-4066
The CVE-2006-4066 entry affects the Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2. The vulnerability allows context-dependent attackers to cause a denial of service (application crash) by feeding images that trigger a divide-by-zero error, demonstrated via an I...
CentOS 3 : PHP (CESA-2005:405)
Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP...
On the QQ upgrade custom emoticons vulnerability-vulnerability warning-the black bar safety net
QQ2006 New Year Edition SP2 Fix Windows XP not playing MS04-028 overflow vulnerability patch case the presence of security issues QQ requires the upgrade How to use this? First, we have to make the picture of the Trojans! Tool a lot of their own to go to baidu to find! I have always advocated i...
Intel Graphics Accelerator Driver - Remote Denial of Service
source: https://www.securityfocus.com/bid/16127/info The Intel Graphics Accelerator driver is susceptible to a remote denial of service vulnerability. This issue is demonstrated to occur when the affected driver attempts to display an overly long text in a text area. This issue allows attackers t...
Inkscape 0.41/0.42 - '.SVG' Image Buffer Overflow
source: https://www.securityfocus.com/bid/15507/info Inkscape is prone to a buffer overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before copying it into a finite sized buffer. When the application processes a malformed...
gtk2 security update
CentOS Errata and Security Advisory CESA-2005:811. Updated gtk2 packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit (GTK+), a library for creating...
xloadimage buffer overflow.
Hi, While creating a stripped down version of xloadimage, I have discovered three buffer overflows in xloadimage when handling the image title name. Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file...
xloadimage -- buffer overflows in NIFF image title handling
Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. ...
firefox & mozilla -- multiple vulnerabilities
A Mozilla Foundation Security Advisory reports of multiple issues: Heap overrun in XBM image processing: jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to insta...
[SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
Debian Security Advisory DSA 729-1 [email protected] http://www.debian.org/security/ Martin Schulze May 26th, 2005 http://www.debian.org/security/faq ...