70 matches found
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff
A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...
PT-2023-6960 · Golang +2 · Golang +2
Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: The issue is related to excessive CPU consumption during decoding. A maliciously-crafted image, specifically a tiled image with a height of 0 and a very large width, can cause this excessive...
PT-2023-19363 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery
Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.13 Description: The issue arises from insufficient input sanitization and output escaping, making it possible for unauthenticated...
SUSE CVE-2016-9540
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...
SUSE CVE-2020-15304
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...
SUSE CVE-2021-20303
A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, wit...
Vulnerability of the DeepTiledInputFile::initialize() function (src/lib/OpenEXR/ImfDeepTiledInputFile.cpp) in the OpenEXR library, which allows a hacker to cause a service failure or execute arbitrary code.
The vulnerability of the DeepTiledInputFile::initialize function located in src/lib/OpenEXR/ImfDeepTiledInputFile.cpp in the OpenEXR library is related to integer overflow when processing input files. Exploiting this vulnerability can allow an attacker to cause a service failure or execute...
OESA-2021-1060 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.CVE-2017-9114 ...
PT-2020-6855 · Openexr +3 · Openexr +3
Name of the Vulnerable Software and Affected Versions: OpenEXR affected versions not specified Description: A flaw was found in OpenEXR's TiledInputFile functionality, allowing an attacker to trigger a floating-point exception error by submitting a crafted single-part non-image. This flaw is...
Denial Of Service (DoS)
OpenEXR is vulnerable to denial of service. A NULL pointer dereference in the function TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp allows an attacker to cause a denial of service condition via an invalid tiled input file...
AZL-45090 CVE-2020-15304 affecting package OpenEXR 2.3.0-6
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...
DEBIAN-CVE-2020-15304
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...
Null pointer dereference
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...
CVE-2020-15304
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...
CVE-2020-15304
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...
PT-2020-14344 · Ilm +2 · Openexr +2
Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 2.5.2 Description: An issue was discovered where an invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer...
Out-of-bounds Write
libtiff is vulnerable to out-of-bounds write. Tiled images with odd tile width versus image width, make the function cpStripToTile of the file tools/tiffcp.c vulnerable to out-of-bounds writes resulting in denial of service...
libtiff: cpStripToTile heap-buffer-overflow
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...