Foxit Studio Photo Remote Code Execution Vulnerability (CNVD-2020-59779)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A remote code execution vulnerability exists in the handling of CR2 files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied dat...

Foxit Studio Photo Information Disclosure Vulnerability (CNVD-2020-59767)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. An information disclosure vulnerability exists in the handling of CR2 files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied...

DEBIAN-CVE-2018-19655

A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

Updated rawtherapee packages fix CVE-2015-3885

Updated rawtherapee package fixes security vulnerability: The dcraw tool suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A maliciously crafted...

dcraw -- integer overflow condition

ocert reports: The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A malicious...