8 matches found
Adobe Bridge SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...
python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2
An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable. This flaw allows an attacker to crash the application or potentially execute code on the system. The highest...
Updated python-pillow packages fix security vulnerabilities
Updated python-pillow packages fix security vulnerabilities: It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service CVE-2019-16865, CVE-2019-19911. It was discovered that Pillow incorrectly handled certain TIFF...
Ubuntu 16.04 LTS / 18.04 LTS : Pillow vulnerabilities (USN-4272-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4272-1 advisory. It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service...
Mac OS X 10.10.5 / 10.11.6 Multiple Vulnerabilities (Security Update 2016-002 / 2016-006)
The remote host is running a version of Mac OS X that is 10.10.5 but is missing Security Update 2016-006, or else it is version 10.11.6 but is missing Security Update 2016-002. It is, therefore, affected by multiple vulnerabilities : - A memory corruption issue exists in the AppleGraphicsControl...
openSUSE 10 Security Update : ImageMagick (ImageMagick-2414)
A security problem was fixed in ImageMagick during decoding SGI images. The issue in question is CVE-2006-4144 which we addressed before was not completely fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSU...
Debian DSA-1213-1 : imagemagick - several vulnerabilities
Several remote vulnerabilities have been discovered in Imagemagick, a collection of image manipulation programs, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-0082 Daniel Kobras discovered that...
Apple QuickTime fails to properly handle SGI images
Overview Apple QuickTime fails to properly handle SGI images. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Description Apple QuickTime is multimedia software that allows users to view local and remote audio, vide...