Libfpx Security Vulnerabilities and Issues — Libfpx CVE List

Libfpx ProjectLibfpx

8 matches found

CVE•added 2017/08/28 7:0 p.m.•52 views

CVE-2017-12921

CVE-2017-12921 affects the libfpx library (version 1.3.1_p6). The vulnerability is in PFileFlashPixView::GetGlobalInfoProperty (f_fpxvw.cpp) and allows remote attackers to cause a denial of service via a crafted FPX image, caused by a NULL pointer dereference. Public sources document the conditio...

6.5CVSS6.2AI score0.01287EPSS

CVE•added 2017/08/28 7:0 p.m.•50 views

CVE-2017-12924

The vulnerability CVE-2017-12924 affects the library libfpx, specifically version 1.3.1_p6, where CDirVector::GetTable in dirfunc.hxx is vulnerable. A crafted FlashPIX image can trigger a divide-by-zero error, allowing remote attackers to cause a denial of service. The connected documents confirm...

6.5CVSS6.2AI score0.01287EPSS

CVE•added 2017/08/28 7:0 p.m.•50 views

CVE-2017-12925

CVE-2017-12925 affects libfpx 1.3.1_p6, with a vulnerability in DfFromLB (docfile.cxx) that can cause a denial of service via a crafted FlashPIX image due to a double-free flaw. Public references in the connected documents corroborate a DoS impact; exploitation details are not provided in the dat...

6.5CVSS6.3AI score0.01287EPSS

CVE•added 2017/08/28 7:0 p.m.•49 views

CVE-2017-12922

The CVE-2017-12922 vulnerability affects wchar.c in libfpx 1.3.1_p6, where a crafted Fpx image can be used by a remote attacker to cause a denial of service via a NULL pointer dereference. This results in partial availability impact per CVSS2 (base score 4.3) and a higher impact on availability w...

6.5CVSS6.2AI score0.01287EPSS

CVE•added 2018/02/09 6:0 p.m.•49 views

CVE-2018-6876

CVE-2018-6876: The OLEProperty class in ole/oleprop.cpp (libfpx 1.3.1-10), used by ImageMagick 7.0.7-22 Q16 and other products, can be triggered by a crafted BMP image to cause a remote stack-based buffer under-read, leading to denial of service. This vulnerability is documented in Nessus plugin ...

6.5CVSS6.2AI score0.02513EPSS

CVE•added 2017/08/28 7:0 p.m.•44 views

CVE-2017-12920

CVE-2017-12920 affects libfpx version 1.3.1_p6; the vulnerability is a denial of service caused by a NULL pointer dereference in CDirectory::GetDirEntry in dir.cxx when parsing a crafted FlashPIX (fpx) image. The connected sources describe a remote trigger via a crafted image; no exploitation sta...

6.5CVSS6.2AI score0.01287EPSS

CVE•added 2017/08/28 7:0 p.m.•43 views

CVE-2017-12919

CVE-2017-12919 describes a heap-based buffer overflow in libfpx 1.3.1_p6, specifically in OLEStream::WriteVT_LPSTR (olestrm.cpp). A remote attacker can cause a denial of service by supplying a crafted FPX image. The vulnerability is network-exploitable as indicated by the CVSS vector. Connected s...

6.5CVSS6.5AI score0.01363EPSS

CVE•added 2017/08/28 7:0 p.m.•42 views

CVE-2017-12923

CVE-2017-12923 concerns libfpx 1.3.1_p6. The flaw is in OLEStream::WriteVT_LPSTR (olestrm.cpp) that allows a remote attacker to cause a denial of service via a specially crafted FPX image, resulting in a NULL pointer dereference. The vulnerability is described across multiple sources (NVD entry a...

6.5CVSS6.2AI score0.01287EPSS