11 matches found
SUSE CVE-2014-3598
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image...
Denial Of Service (DoS)
pillow is vulnerable to denial of service. An attacker can send a malicious Jpeg2K image with multiple bands to cause an out-of-bounds read in the J2kDecode function in j2kugrayi...
EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2021-1273)
According to the versions of the python-pillow packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trust...
Pillow Jpeg2KImagePlugin Plugin Denial of Service Vulnerability
Python Image Library PIL is a Python image processing library developed by Swiss software developer Fredrik Lundh. Pillow is a compiled version of PIL with some bug fixes developed by American software developer Alex Clark, and Jpeg2KImage is one of the image processing plugins. Jpeg2KImage is on...
ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability
ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-135 August 3, 2012 -- CVE ID: CVE-2012-0661 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors:...
Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Apple...
Gentoo Security Advisory GLSA 200812-18 (jasper)
The remote host is missing updates announced in advisory GLSA 200812-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Gentoo Security Advisory GLSA 200812-18 (jasper)
The remote host is missing updates announced in advisory GLSA 200812-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
[ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code
Gentoo Linux Security Advisory GLSA 200812-18 http://security.gentoo.org/ Severity:...
GLSA-200812-18 : JasPer: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200812-18 JasPer: User-assisted execution of arbitrary code Marc Espie and Christian Weisgerber have discovered multiple vulnerabilities in JasPer: Multiple integer overflows might allow for insufficient memory allocation, leading...
Security fix for the ALT Linux 5 package netpbm version 10.35.30-alt1
Aug. 20, 2007 Alexey Tourbin 10.35.30-alt1 - 10.33 - 10.35.30 from netpbm.svn.sourceforge.net repo + fixes buffer overflow in pamtofits CVE-2006-3145 - sync RedHat patches Jindrich Novy, 10.35-14 + pamscale won't waste all system resources by usage of uninitialized variables for output image...