32 matches found
CVE-2018-20545
There is an illegal WRITE memory access at common-image.c function loadimage in libcaca 0.99.beta19 for 4bpp data...
CVE-2018-20548
There is an illegal WRITE memory access at common-image.c function loadimage in libcaca 0.99.beta19 for 1bpp data...
CVE-2017-13066
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c...
Design/Logic Flaw
The bmpreadinfoheader function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service memory allocation failure in the opjimagecreate function in lib/openjp2/image.c, related to the opjalignedallocn...
CVE-2017-12935
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c...
Input validation
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service...
CVE-2017-12434
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service assertion failure in DestroyImageInfo in image.c...
CVE-2017-12434
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service assertion failure in DestroyImageInfo in image.c...
CVE-2010-1513
Ziproxy contains a vulnerability in src/image.c up to version 3.0.1 where integer overflows on processing unusually large JPG/PNG images lead to heap-based buffer overflows and remote arbitrary code execution. The issue affects Ziproxy before 3.0.1; remediation is to upgrade to 3.0.1 or newer (pe...
CVE-2005-0524
The phphandleiff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service infinite loop via a -8 size value...
CVE-2005-0525
The phpnextmarker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service infinite loop via a JPEG image with an invalid marker value, which causes a negative length value to be passed to...
CVE-2005-0524
The vulnerability CVE-2005-0524 affects PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3 via the getimagesize entry point. The php_handle_iff function in image.c can be triggered to loop infinitely by a -8 size value, allowing remote attackers to cause a denial of service. The provided documents name PHP secur...