18 matches found
CVE-2018-11490
CVE-2018-11490 affects GIFLIB (dgif_lib.c: DGifDecompressLine) with a heap-based buffer overflow caused by an unchecked array index (Private->RunningCode - 2). Potential denial of service or other impact. Affected: GIFLIB (including usages in sam2p 0.49.4 and related builds) and giflib in vari...
CVE-2017-14628
CVE-2017-14628 affects sam2p 0.49.3, where a heap-based buffer overflow exists in the pcxLoadImage24 function (in_pcx.cpp). The issue can lead to denial of service. Public advisories confirm upstream fixes in later releases; Debian and OSV entries indicate the vulnerability was addressed in upstr...
CVE-2017-14637
CVE-2017-14637 affects sam2p 0.49.3, where an invalid read of size 2 in parse_rgb() inside in_xpm.cpp can also cause a write to an illegal address. This is documented in multiple feeds (including OSV/DEBIAN notes for sam2p vulnerabilities) and is tied to the set of related CVEs in sam2p 0.49.3. E...
CVE-2017-14631
sam2p 0.49.3 is affected by CVE-2017-14631 due to a signedness error in pcxLoadRaster within in_pcx.cpp, causing a heap-based buffer overflow. This affects the ability to process inputs that trigger the flaw and can lead to denial of service as described in CNVD-2017-34028 and related advisories....
CVE-2017-14630
In sam2p 0.49.3, CVE-2017-14630 describes an integer overflow in pcxLoadImage24 (in_pcx.cpp) that leads to an invalid write. Related issues in the same release include heap-based overflows and signedness/overflow errors in pcxLoadImage24, pcxLoadRaster, and in_xpm.cpp (CVE-2017-14628, -14629, -14...
CVE-2017-14636
CVE-2017-14636 affects sam2p 0.49.3. An integer overflow leads to a loop that may execute 0xffffffff times, causing an invalid read of size 1 in Image::Indexed::sortPal (image.cpp) and memory corruption from writing to d[0xfffffffe]. Downstream advisories (e.g., Debian DLA-1127-1, Mageia MGASA-20...
CVE-2017-16663
CVE-2017-16663 affects sam2p 0.49.4, where integer overflows in input-bmp.ci ReadImage are caused by unsafe width*height multiplications, leading to heap-based buffer overflows and potential memory corruption. Connected sources confirm the vulnerability details but do not provide a specific remed...
CVE-2018-11489
The CVE-2018-11489 entry describes a heap-based buffer overflow in GIFLIB’s DGifDecompressLine (dgif_lib.c) and, later, in sam2p’s cgif.c (sam2p 0.49.4). The vulnerability arises because a CrntCode array index is not checked, enabling a heap overflow that can lead to denial of service or potentia...
CVE-2017-14629
CVE-2017-14629 affects sam2p 0.49.3: the in_xpm_reader function in in_xpm.cpp contains a signedness error that can crash the process when writing to an out-of-bounds array element (DoS). Multiple connected sources confirm the same issue and list this CVE among a set of fixes for sam2p; upstream r...
CVE-2018-7553
CVE-2018-7553 affects sam2p 0.49.4 and is described in multiple sources as a heap-based buffer overflow in pcxLoadRaster (in_pcx.cpp). Exploitation could cause denial of service or unspecified other impact. The available connected reports corroborate the vulnerability in sam2p 0.49.4, but they do...
CVE-2018-7551
CVE-2018-7551: There is an invalid free in MiniPS::delete0 in minips.cpp causing a segmentation fault in sam2p 0.49.4. A crafted input may lead to denial of service or unspecified other impact. This vulnerability is documented across multiple sources (NVD, OSV, Mageia, Debian NASL/OpenVAS records...
CVE-2018-7487
CVE-2018-7487 describes a heap-based buffer overflow in the LoadPCX function (in_pcx.cpp) of sam2p 0.49.4. A crafted input may cause a denial of service or unspecified impact. The entry is corroborated by multiple connected records (CNVD-2018-06417, OSV entries) noting the same LoadPCX heap overf...
CVE-2018-7552
CVE-2018-7552 describes an invalid free in Mapping::DoubleHash::clear within sam2p 0.49.4 that can cause a segmentation fault. Public disclosures in multiple feeds (OSV, Debian DLA-1340-1, OSV-UBUNTU-CVE-2018-7552, NVD, and related entries) indicate this vulnerability may lead to denial of servic...
CVE-2018-7554
CVE-2018-7554 refers to sam2p, where an invalid free in ReadImage (input-bmp.ci) can cause a segmentation fault in sam2p 0.49.4. A crafted input may lead to a denial of service or possibly other unspecified impact. The connected documents corroborate the vulnerability description but do not provi...
CVE-2018-12601
CVE-2018-12601 : Concrete detail available — sam2p 0.49.4 has a heap-based buffer overflow in the ReadImage function of input-tga.ci, leading to denial of service or possibly other impact. Affected component is the ReadImage routine in sam2p’s TGA input handling; the vulnerability is triggered by...
CVE-2020-19492
The CVE affects sam2p 0.49.4. A floating-point exception in ReadImage can cause a segmentation fault, leading to denial of service and potentially other impact. CNVD-2022-06516 notes exploitation via specially crafted input to trigger DoS. Public details in connected documents do not specify a pa...
CVE-2018-12578
CVE-2018-12578 describes a heap-based buffer overflow in the bmp_compress1_row function of sam2p version 0.49.4 (file: appliers.cpp). This condition can lead to a denial of service or possibly unspecified other impact. Multiple connected advisories (OSV, CNVD, Debian/OpenVAS/Mageia entries) corro...
CVE-2020-19491
CVE-2020-19491 affects sam2p 0.49.4. The vulnerability is caused by an invalid memory access in the cgif.c implementation, leading to a segmentation fault. A crafted input can cause denial of service or possibly unspecified other impact. No remediation/patch information is provided in the connect...