45 matches found
CVE-2019-5086
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...
UBUNTU-CVE-2019-5086
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...
CVE-2019-5087
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary...
Integer overflow
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary...
UBUNTU-CVE-2019-5087
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary...
CVE-2019-5086
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...
Integer overflow
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...
CVE-2019-5087
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary...
CVE-2019-5087
CVE-2019-5087 affects xcftools 1.0.7, targeting the flattenIncrementally function in the xcf2png and xcf2pnm binaries. The vulnerability is an exploitable integer overflow while computing a row allocation size, which could corrupt memory and allow arbitrary code execution when a specially crafted...
CVE-2019-5086
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to...
CVE-2019-5086
The CVE-2019-5086 vulnerability affects xcftools 1.0.7, specifically the flattenIncrementally function in the xcf2png and xcf2pnm binaries. An integer overflow can occur while walking tiles in a specially crafted XCF file, potentially corrupting memory and allowing arbitrary code execution. Publi...
CVE-2019-5086
Removed by vendor...
Vulnerability Spotlight: Two remote code execution vulnerabilities in Xcftools
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Xcftools contains two remote code execution vulnerabilities in its flattenIncrementally function. Xcftools is a set of tools for handling Gimp’s XCF files. The software provides tools to extract information from an XCF file, and the...
PT-2019-17468 · Gimp +2 · Xcftools +2
Name of the Vulnerable Software and Affected Versions: xcftools version 1.0.7 Description: An integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries. This vulnerability can occur while calculating the row's allocation size, potentially...
xcftools flattenIncrementally tiles walk code execution vulnerability
Summary An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In orde...
PT-2019-17467 · Gimp +2 · Xcftools +2
Name of the Vulnerable Software and Affected Versions: xcftools version 1.0.7 Description: An integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries. This vulnerability can occur while walking through tiles and could be exploited to corrupt...
xcftools flattenIncrementally rows allocation code execution vulnerability
Summary An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row’s allocation size, that could be exploited to corrupt memory and eventually execute...
Stack overflow
Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the 1 xcf2pnm and 2 xcf2png utilities, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted image that causes a conversion to ...
CVE-2009-2175
Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the 1 xcf2pnm and 2 xcf2png utilities, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted image that causes a conversion to ...
CVE-2009-2175
Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the 1 xcf2pnm and 2 xcf2png utilities, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted image that causes a conversion to ...