19 matches found
ImageMagick: Security hardening
Background ImageMagick is a collection of tools and libraries for many image formats. Description If you process an image with ImageMagick and don’t validate the file before e.g. check magic byte, ImageMagick will call any coders found in the given file. So if ImageMagick will find Ghostscript fo...
Graphite: User-assisted execution of arbitrary code
Background Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world. Description An out-of-bounds write has been found in the Graphite 2 library. Impact A remote attacker could entice a user to open a specially crafted document usi...
OptiPNG: Multiple vulnerabilities
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description Multiple vulnerabilities have been discovered in OptiPNG. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user...
OptiPNG: User-assisted execution of arbitrary code
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description A use-after-free vulnerability exists in the palette reduction functionality of OptiPNG. Impact A remote attacker could entice a user to open a specially crafted imag...
Blender: Multiple vulnerabilities
Background Blender is a 3D Creation/Animation/Publishing System. Description Multiple vulnerabilities have been discovered in Blender. Please review the CVE identifier referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the process, ...
Gentoo Security Advisory GLSA 201110-08 (feh)
The remote host is missing updates announced in advisory GLSA 201110-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 201110-08 (feh)
The remote host is missing updates announced in advisory GLSA 201110-08. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Gentoo Security Advisory GLSA 201101-01 (gif2png)
The remote host is missing updates announced in advisory GLSA 201101-01. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Gentoo Security Advisory GLSA 201101-01 (gif2png)
The remote host is missing updates announced in advisory GLSA 201101-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
OptiPNG: User-assisted execution of arbitrary code
Background OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. Description A buffer overflow in the BMP reader in OptiPNG has been reported. Impact A remote attacker could entice a user to process a specially crafted BMP image, possibly...
Gentoo Security Advisory GLSA 200510-26 (xli xloadimage)
The remote host is missing updates announced in advisory GLSA 200510-26. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200603-18 (pngcrush)
The remote host is missing updates announced in advisory GLSA 200603-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200410-11 (tiff)
The remote host is missing updates announced in advisory GLSA 200410-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200707-09 (gimp)
The remote host is missing updates announced in advisory GLSA 200707-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200510-26 (xli xloadimage)
The remote host is missing updates announced in advisory GLSA 200510-26. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200410-11 (tiff)
The remote host is missing updates announced in advisory GLSA 200410-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200501-09 (xzgv)
The remote host is missing updates announced in advisory GLSA 200501-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200503-05 (xli)
The remote host is missing updates announced in advisory GLSA 200503-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
zgv, xzgv: Heap overflow
Background xzgv and zgv are picture viewing utilities with a thumbnail based file selector. Description Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space...