![]() This overflow is controllable and could be abused for code execution, especially on 32-bit systems. GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file.Ī vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault). in GitHub repository hpjansson/chafa prior to 1.10.2. Was ZDI-CAN-14972.ĭecoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service.ĭue to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4.Ĭhafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. The specific flaw exists within the parsing of GIF files. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro 11.8.7.0. In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.Īn out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. An attacker can provide a malicious file to trigger this vulnerability.Īn out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4.
0 Comments
Leave a Reply. |