154 matches found
CVE-2020-27776
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability,...
CVE-2020-27761
WritePALMImage in /coders/palm.c used sizet casts in several areas of a calculation which could lead to values outside the range of representable type unsigned long undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to ssizet instead to avoid this issue. Re...
UBUNTU-CVE-2020-27761
WritePALMImage in /coders/palm.c used sizet casts in several areas of a calculation which could lead to values outside the range of representable type unsigned long undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to ssizet instead to avoid this issue. Re...
CVE-2020-27761
WritePALMImage in /coders/palm.c used sizet casts in several areas of a calculation which could lead to values outside the range of representable type unsigned long undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to ssizet instead to avoid this issue. Re...
ImageMagick Studio ImageMagick 输入验证错误漏洞
Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in ImageMagick versions prior to 7.0.9-0, which stems...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service. An attacker is allowed to send an input value which is outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c to trigger an application crash...
CVE-2020-27758
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long long. This would most likely lead to an impact to application availability, but...
CVE-2020-27757
A floating point math calculation in ScaleAnyToQuantum of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The flaw could be triggered by a crafted input file under certain conditions when it is processed by...
OSV-2020-65 Heap-use-after-free in std::__1::vector<unsigned long, std::__1::allocator<unsigned long> >::begin
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21908 Crash type: Heap-use-after-free READ 8 Crash state: std::1::vector ::begin perfetto::traceprocessor::TrackTracker::ResolveDescriptorTrack perfetto::traceprocessor::TrackTracker::GetDescriptorTrackImpl...
PT-2019-5856 · Imagemagick +5 · Imagemagick +5
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: A floating point math calculation in the ScaleAnyToQuantum function of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigne...
CVE-2018-18710
An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...
DEBIAN-CVE-2017-9043
readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...
libtsm: Bad-cast to const std::__1::__less<unsigned long, unsigned long> *_start
Project: git://people.freedesktop.org/dvdhrm/libtsm Detailed report: https://oss-fuzz.com/testcase?key=4858886169296896 Project: libtsm Fuzzer: libFuzzerlibtsmfuzzer Fuzz target binary: libtsmfuzzer Job Type: libfuzzerubsanlibtsm Platform Id: linux Crash Type: Bad-cast Crash Address: 0x7ffe13981c...
unsorted bin attack analysis-vulnerability warning-the black bar safety net
One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...