Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the addImage and html methods when processing BMP image data with unvalidated dimensions. An attacker can cause excessive memory allocation and application unavailability by...

SUSE CVE-2013-7437

Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow...

UBUNTU-CVE-2013-7437

Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow...

kernel: incomplete fix for CVE-2011-4131

The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words in an...

DEBIAN-CVE-2012-5511

Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service crash via a large bitmap image...

CVE-2008-5937

AyeView 2.20 allows user-assisted attackers to cause a denial of service memory consumption or application crash via a bitmap aka .bmp file with large height and width values...