11 matches found
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017522)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017522 advisory. TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for dc:format=\image/dng\ within profile due to improper stri...
EUVD-2020-18329
Malware in sbrugna...
CVE-2020-25667
TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...
CVE-2020-25667
TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...
CVE-2020-25667
TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...
Design/Logic Flaw
TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...
CVE-2020-25667
TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...
CVE-2020-25667
TIFFGetProfiles in /coders/tiff.c calls strstr which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to...
CVE-2020-25667
A flaw was found in TIFFGetProfiles in /coders/tiff.c calls strstr, which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of...
imagemagick:encoder_tiff_fuzzer: Heap-buffer-overflow in BlobToStringInfo
Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5708805818286080 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encodertifffuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow READ 16...
imagemagick:ping_ptif_fuzzer: Heap-buffer-overflow in TIFFGetProfiles
Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5638770103156736 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: pingptiffuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash...