CVE-2021-33602

A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive LZW decompression method, and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service o...

Design/Logic Flaw

A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive LZW decompression method, and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service o...

CVE-2021-33602

The CVE-2021-33602 issue affects the F-Secure Antivirus engine, where unpacking a ZIP archive via LZW decompression can crash the scanning engine. Exploitation is described as remote and can result in Denial-of-Service of the antivirus engine. Supported sources (Red Hat, NVD, CVE lists, CNNVD) co...

Simple DirectMedia Layer SDL2_Image LWZ Decompression Buffer Overflow Vulnerability

Summary A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. Tested Versions Simple DirectMedia Layer...

Iceni Argus PDF Inflate+LZW Decompression Heap-Based Buffer Overflow Vulnerability(CVE-2016-8387)

Summary An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to...

Iceni Argus PDF Inflate+LZW Decompression Heap-Based Buffer Overflow Vulnerability

Summary An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This can lead to...

Oracle: Security Advisory (ELSA-2011-1154)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-2133

Buffer overflow in Cisco Advanced Recording Format ARF player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted .arf file that triggers improper LZW...

BSD compress LZW decoder buffer overflow

The LZW decompressor in 1 the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and 2 compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products,...

libXfont security update

1.4.1-2 - cve-2011-2895.patch: LZW decompression heap corruption...

libXfont -- possible local privilege escalation

Tomas Hoger reports: The compress/ LZW decompress implentation does not correctly handle compressed streams that contain code words that were not yet added to the decompression table. This may lead to arbitrary memory corruption. Successfull exploitation may possible lead to a local privilege...

Heap overflow

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file, related to LZW...

CVE-2009-2950

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file, related to LZW...

CVE-2009-2950

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file, related to LZW...

CVE-2009-2950

CVE-2009-2950 is a heap-based buffer overflow in OpenOffice.org’s GIFLZWDecompressor (decode.cxx) that can be triggered by a crafted GIF file, potentially causing an application crash or arbitrary code execution. Affected product: OpenOffice.org prior to 3.2. Connected advisories (Debian, Red Hat...

CVE-2009-2950

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted GIF file, related to LZW...

gzip integer overflow

Integer overflow on LZW decompression...