
42 matches found

EUVD
added 2025/11/24 10:42 p.m. | 1 views

EUVD-2025-199017

pypdf's LZWDecode streams can be manipulated to exhaust RAM...

6.4 AI score
Exploits: 0 | References: 5
Snyk
added 2025/06/17 12:0 a.m. | 1 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via improper output length handling in the GIF LZW decoding process. An attacker can access limited portions of uninitialized memory by providing a specially crafted GIF file that triggers the inclusion of arbitrary...

4.8 CVSS | 5.7 AI score | 0.00102 EPSS
Exploits: 0 | References: 2
RedHat Linux
added 2023/05/09 9:51 a.m. | 4 views

gdk-pixbuf: heap-buffer overflow when decoding the lzw compressed stream of image data

A flaw was found in gdk-pixbuf. The vulnerability occurs due to the index overwriting in the lzwdecodernew function, leading to a heap buffer overflow. This flaw allows an attacker to input a specially crafted GIF file, leading to a crash or code execution...

8.8 CVSS | 6.2 AI score | 0.00317 EPSS
Exploits: 1 | References: 4
CNNVD
added 2023/04/26 12:0 a.m. | 1 views

Number withdrawn

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. This CVE number has been withdrawn...

7.1 AI score
Exploits: 0 | References: 3
CNNVD
added 2023/04/26 12:0 a.m. | 2 views

Number withdrawn

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. This CVE number has been withdrawn...

7.1 AI score
Exploits: 0 | References: 3
CNNVD
added 2023/04/26 12:0 a.m. | 1 views

Number withdrawn

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. This CVE number has been withdrawn...

7.1 AI score
Exploits: 0 | References: 3
CNNVD
added 2022/09/21 12:0 a.m. | 1 views

XPDF code issue vulnerability

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. A security vulnerability exists in XPDF version 4.04, which stems from vulnerability to the null pointer dereference attack in FoFiType1C.cc:2393...

7.8 CVSS | 6.5 AI score | 0.00157 EPSS
Exploits: 1 | References: 2
CNNVD
added 2022/08/16 12:0 a.m. | 1 views

XPDF security vulnerability

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF commit id ffaf11c has a security vulnerability that originates from /xpdf/Lexer.cc in Lexer::getObjObject contains a global buffer overflow...

7.8 CVSS | 7.8 AI score | 0.00052 EPSS
Exploits: 1 | References: 2
Microsoft CVE
added 2022/05/19 7:0 a.m. | 1 views

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619 allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources the fix is available with commit b4e79bfa.

...

5.5 CVSS | 6.7 AI score | 0.00104 EPSS
Exploits: 1
CNNVD
added 2022/05/10 12:0 a.m. | 1 views

Silicon Graphics LibTIFF buffer error vulnerability

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in Silicon Graphics LibTIFF. An attacker could use this...

5.5 CVSS | 6.9 AI score | 0.00104 EPSS
Exploits: 1 | References: 23
OSV
added 2022/01/12 1:15 p.m. | 1 views

DEBIAN-CVE-2021-44648

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equal to 12...

8.8 CVSS | 8 AI score | 0.00317 EPSS
Exploits: 1 | References: 1
GitLab Advisory Database
added 2022/01/12 12:0 a.m. | 20 views

Out-of-bounds Write

GNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals 12...

8.8 CVSS | 3.1 AI score | 0.00317 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
CNNVD
added 2022/01/12 12:0 a.m. | 1 views

gdk-pixbuf buffer error vulnerability

gdk-pixbuf is an image loading library. A security vulnerability exists in gdk-pixbuf 2.42.6, which originates from a heap buffer overflow vulnerability when decoding lzw compressed image data streams in GIF files with lzw minimum code size equal to 12...

8.8 CVSS | 8.2 AI score | 0.00317 EPSS
Exploits: 1 | References: 9
myhack58
added 2017/01/14 12:0 a.m. | 41 views

CVE-2015-1860 analysis: Qt module for processing GIFs causes a crash

Vulnerability background: Qt is a cross-platform graphical interface programming framework. In versions before 4.8.7, and 5.x before 5.4.2, improper bounds checking while parsing images causes the memcpy call to go out of...

7.4 AI score | 0.06355 EPSS
Exploits: 0
OpenVAS
added 2015/10/08 12:0 a.m. | 29 views

Oracle: Security Advisory (ELSA-2009-1159)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 7.5 AI score | 0.16784 EPSS
Exploits: 3 | References: 2
Tenable Nessus
added 2014/11/26 12:0 a.m. | 31 views

OracleVM 2.1 : libtiff (OVMSA-2009-0027)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix buffer overrun risks caused by unchecked integer overflow CVE-2009-2347 Resolves: 507725 - Fix some more LZW decoding vulnerabilities CVE-2009-2285 Resolves: 507725 - Update upstream URL - Use...

9.3 CVSS | 7.9 AI score | 0.16784 EPSS
Exploits: 3 | References: 4
RedHat Linux
added 2014/02/27 6:33 p.m. | 3 views

(gif2tiff): GIF LZW decoder missing datasize value check

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are...

4.3 CVSS | 7.5 AI score | 0.18385 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2013/07/12 12:0 a.m. | 20 views

Oracle Linux 5 : libtiff (ELSA-2009-1159)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1159 advisory. - Fix buffer overrun risks caused by unchecked integer overflow CVE-2009-2347 Resolves: 507725 - Fix some more LZW decoding vulnerabilities CVE-2009-22...

9.3 CVSS | 8.6 AI score | 0.16784 EPSS
Exploits: 3 | References: 3
OpenVAS
added 2009/07/29 12:0 a.m. | 23 views

Fedora Core 10 FEDORA-2009-7717 (mingw32-libtiff)

The remote host is missing an update to mingw32-libtiff announced via advisory FEDORA-2009-7717. OpenVAS Vulnerability Test $Id: fcore20097717.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-7717 mingw32-libtiff Authors: Thomas Reinke Copyright:...

4.3 CVSS | 7.8 AI score | 0.16784 EPSS
Exploits: 2 | References: 1
OpenVAS
added 2009/07/29 12:0 a.m. | 30 views

Fedora Core 10 FEDORA-2009-7724 (libtiff)

The remote host is missing an update to libtiff announced via advisory FEDORA-2009-7724. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

9.3 CVSS | 7.9 AI score | 0.16784 EPSS
Exploits: 3 | References: 2