198 matches found
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw related to accessing an uninitialized pointer was discovered in X.Org and Xwayland. The compCheckRedirect function may fail if it cannot allocate the backing pixmap. In such cases, compRedirectWindow will return a BadAlloc error without validating the window tree just before processing; as...
Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap
...
libXpm: Multiple Vulnerabilities
Background The X PixMap image format is an extension of the monochrome X BitMap format specified in the X protocol, and is commonly used in traditional X applications. Description Multiple vulnerabilities have been discovered in libXpm. Please review the CVE identifiers referenced below for...
libXpm: out of bounds read in XpmCreateXpmImageFromBuffer()
A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system...
SUSE CVE-2023-51103
A floating point exception divide-by-zero vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fznewpixmapfromfloatdata of pixmap.c...
UBUNTU-CVE-2023-51103
A floating point exception divide-by-zero vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fznewpixmapfromfloatdata of pixmap.c...
MuPDF Number Error Vulnerability
MuPDF is MuPDF open source a free and open source software library written in C . Used to render pages as bitmaps, but also provides support for other operations such as searching and listing directories and links. A numeric error vulnerability exists in MuPDF version 1.23.4 due to a floating poi...
PT-2023-9298 · Artifex +2 · Artifex Mupdf +2
Name of the Vulnerable Software and Affected Versions: Artifex MuPDF version 1.23.4 Description: A floating point exception divide-by-zero vulnerability was discovered in the function fz new pixmap from float data of pixmap.c. This issue is related to a division by zero error. Exploitation of thi...
CVE-2023-51103
A floating point exception divide-by-zero vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fznewpixmapfromfloatdata of pixmap.c...
[SECURITY] [DLA 3603-1] libxpm security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3603-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 05, 2023 https://wiki.debian.org/LTS -...
USN-6407-1 libx11 vulnerabilities
Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code...
[SECURITY] [DLA 3459-1] libxpm security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3459-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès June 20, 2023 https://wiki.debian.org/LTS -...
libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c
A heap-based buffer overflow vulnerability was found in libjpeg-turbo in the getwordrgbrow function in rdppm.c. The flaw occurs when the PPM reader in libjpeg-turbo mishandles use of the tjLoadImage function for loading a 16-bit binary PPM file into a grayscale uncompressed image buffer and then...
SUSE CVE-2004-0687
Multiple stack-based buffer overflows in 1 xpmParseColors in parse.c, 2 ParseAndPutPixels in create.c, and 3 ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file...
SUSE CVE-2004-0783
Stack-based buffer overflow in xpmextractcolor io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in a...
SUSE CVE-2005-2495
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image...
SUSE CVE-2006-4811
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted pixmap image...
SUSE CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap...
SUSE CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...
SUSE CVE-2010-0991
Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted 1 ARGB, 2 XPM, or 3 BMP file, related to the IMAGEDIMENSIONSOK macro in lib/image.h...