EUVD-2020-14445

Malware in sbrugna...

EUVD-2020-16646

Malware in sbrugna...

CVE-2020-21677

A heap-based buffer overflow in the sixelencoderoutputwithoutmacro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service DOS via converting a crafted PNG file into Sixel format...

Path Traversal in convert-svg packages

This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file...

CVE-2020-21677

A heap-based buffer overflow in the sixelencoderoutputwithoutmacro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service DOS via converting a crafted PNG file into Sixel format...

SUSE-SU-2020:0411-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issue fixed: - CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage bsc1159861. - CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage bsc1160369. Non-security issue fixed: - Fixed an issue where...

openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2020:0170-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2020:0275-1)

This update for ImageMagick fixes the following issues : Security issue fixed : CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage bsc1159861. CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage bsc1160369. Non-security issue fixed : Fixed an issue where converti...

ghostscript security update

9.07-29.el75.2 - Fix MediaPosition, ManualFeed and MediaType with pxl devices bug 1629842 9.07-29.el75.1 - Added security fixes for: - CVE-2018-16509 bug 1621156 - CVE-2018-15910 bug 1621157 - CVE-2018-16542 bug 1621380 9.07-29 - Fix rare Segmentation fault when converting PDF to PNG bug 1473337 ...

Microsoft Internet Explorer 11 - MSHTML CPaste­Command::Convert­Bitmapto­Png Heap Buffer Overflow (MS14-056)

Security Settings - Choose a zone - Scripting should prevent websites from programmatically copy/pasting an image. Disabling execution of scripts on web-pages altogether will have the same effect. Please note that neither option prevents a website from social engineering the user into typing a...

Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution Exploit

Foxit Reader versions 7.0.8 through 7.1.5 suffer from a PNG conversion parsing tEXt chunk arbitrary code execution vulnerability. Exploit Title: Foxit Reader PNG Conversion Parsing tEXt chunk - Arbitrary Code Execution Date: 07/07/2015 Exploit Author: Sascha Schirra Vendor Homepage:...

Foxit Reader - .png Conversion Parsing tEXt Chunk Arbitrary Code Execution

Foxit Reader - .png Conversion Parsing tEXt Chunk Arbitrary Code Execution Exploit Title: Foxit Reader PNG Conversion Parsing tEXt chunk - Arbitrary Code Execution Date: 07/07/2015 Exploit Author: Sascha Schirra Vendor Homepage: https://www.foxitsoftware.com Software Link:...

Foxit Reader 7.1.5 Arbitrary Code Execution

Exploit Title: Foxit Reader PNG Conversion Parsing tEXt chunk - Arbitrary Code Execution Date: 07/07/2015 Exploit Author: Sascha Schirra Vendor Homepage: https://www.foxitsoftware.com Software Link: https://www.foxitsoftware.com/downloads/ Version: 7.0.8 - 7.1.5 maybe also older versions tested...