MS06-001: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (912919)

The remote host contains a version of Microsoft Windows that is missing a critical security update that fixes several vulnerabilities in the Graphic Rendering Engine, and in the way Windows handles Metafiles. An attacker could exploit these flaws to execute arbitrary code on the remote host. To...

PT-2005-5230 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A remote code execution issue exists in the Graphics Rendering Engine due to its handling of Windows Metafile WMF images. An attacker could exploit this by creating a specially crafted WMF...

Microsoft Windows Graphics Rendering Engine WMF SetAbortProc Code Execution Vulnerability

Description Microsoft Windows WMF graphics rendering engine is affected by a remote code-execution vulnerability. This issue affects the 'SetAbortProc' function. The problem presents itself when a user views a malicious WMF formatted file, triggering the vulnerability when the engine attempts to...

Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities

Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/16002/info Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...

[Overflow.pl] Blender BlenLoader Integer Overflow

Overflow.pl Security Advisory 4 Blender BlenLoader Integer Overflow Vendor: Blender http://www.blender.org Affected version: 2.x up to and including 2.40pre Vendor status: Notified. No patch available. Author: Damian Put [email protected] URL: http://www.overflow.pl/adv/blenderinteger.txt Date:...

DSA-913-1 gdk-pixbuf - several

Bulletin has no description...

CVE-2005-2124

The CVE-2005-2124 entry concerns a vulnerability in the Windows Graphics Rendering Engine (GDI32.DLL) affecting Windows 2000 SP4, XP SP1/SP2, and Server 2003 SP1. The flaw stems from an unchecked buffer in WMF handling, enabling remote code execution via a crafted Windows Metafile image. Exploita...

CVE-2005-2975

CVE-2005-2975 affects the gdk-pixbuf XPM image reader in GTK+ (io-xpm.c): vulnerable in GTK+ builds prior to 2.8.7 to denial-of-service via a crafted XPM image with many colors (infinite loop). Remediation: upgrade to GTK+ 2.8.7 or apply the upstream security update/version referenced by the advi...

CVE-2005-2975

io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service infinite loop via a crafted XPM image with a large number of colors...

security flaw

io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service infinite loop via a crafted XPM image with a large number of colors...

Microsoft Security Bulletin MS05-053 Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)

Microsoft Security Bulletin MS05-053 Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution 896424 Published: November 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity...

Microsoft Windows buffer overflow in Enhanced Metafile rendering API

Overview Microsoft Windows Enhanced Metafile Format image rendering routines contain a buffer overflow flaw that may allow an attacker to cause a denial-of-service condition. Description Microsoft describes the Enhanced Metafile Format EMF as the following:An EMF image is a 32-bit format that can...

Microsoft Windows Graphics Rendering Engine buffer overflow vulnerability

Overview Microsoft Windows Graphics Rendering Engine contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile WMF and...

Microsoft Windows Graphics Rendering Engine WMF Format Code Execution Vulnerability

Description Microsoft Windows WMF graphics rendering engine is affected by a remote code execution vulnerability. The problem presents itself when a user views a malicious WMF formatted file, triggering the vulnerability when the engine attempts to parse the file. A malicious file can cause an...

MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)

The remote host contains a version of Microsoft Windows missing a critical security update to fix several vulnerabilities in the Graphic Rendering Engine, and in the way Windows handles Metafiles. An attacker could exploit these flaws to execute arbitrary code on the remote host by sending a...

CVE-2005-3312

The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cross-site scripting XSS attacks via HTML in corrupted images and other files such as .GIF, JPG, and WAV, which is rendered as HTML when the user clicks on the link, even though the web server response...

Zomplog 3.33.4 - detail.php HTML Injection

Zomplog 3.33.4 - detail.php HTML Injection source: https://www.securityfocus.com/bid/15168/info Zomplog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

security flaw

Direct Rendering Manager DRM driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service X Server crash and possibly modify the video output...

Fedora Core 3 : firefox-1.0.2-1.3.1 (2005-246)

A buffer overflow bug was found in the way Firefox processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the...

Fedora Core 3 : firefox-1.0.1-1.3.1 (2005-182)

This update fixes several security vulnerabilities in Firefox 1.0. It is recommended that all users update to Firefox 1.0.1. Additionally, this update backports several fixes from rawhide. This update enables pango font rendering by default. This update enables smooth scrolling by default. On...