Monthly Archives: March 2017

potrace: heap-based buffer overflow in bm_readbody_bmp (bitmap_io.c) (incomplete fix for CVE-2016-8698)

Posted on March 3, 2017 by ago

Description: potrace is a utility that transforms bitmaps into vector graphics. A fuzz on 1.14 showed that an overflow previously reported as CVE-2016-8698 was not really fixed. Since there isn’t a public git repository, I uploaded the patch on my … Continue reading →

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp)

Posted on March 2, 2017 by ago

Description: podofo is a C++ library to work with the PDF file format. A fuzz on it discovered a null pointer dereference. The upstream project denies me to open a new ticket. So, I just will forward this on the … Continue reading →

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in PoDoFo::PdfXObject::PdfXObject (PdfXObject.cpp)

Posted on March 2, 2017 by ago

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)

Posted on March 2, 2017 by ago

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h)

Posted on March 2, 2017 by ago

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in PoDoFo::PdfColor::operator= (PdfColor.cpp)

Posted on March 2, 2017 by ago

Posted in advisories, security | Leave a comment

podofo: global buffer overflow in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp)

Posted on March 2, 2017 by ago

Description: podofo is a C++ library to work with the PDF file format. A fuzz on it discovered a global overflow. The upstream project denies me to open a new ticket. So, I just will forward this on the -users … Continue reading →

Posted in advisories, security | Leave a comment

podofo: heap-based buffer overflow in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)

Posted on March 2, 2017 by ago

Description: podofo is a C++ library to work with the PDF file format. A fuzz on it discovered an heap overflow. The upstream project denies me to open a new ticket. So, I just will forward this on the -users … Continue reading →

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp)

Posted on March 2, 2017 by ago

Description: podofo is a C++ library to work with the PDF file format. A fuzz on it discovered a null pointer access. The upstream project denies me to open a new ticket. So, I just will forward this on the … Continue reading →

Posted in advisories, security | Leave a comment

podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h)

Posted on March 2, 2017 by ago

Posted in advisories, security | Leave a comment

Monthly Archives: March 2017

potrace: heap-based buffer overflow in bm_readbody_bmp (bitmap_io.c) (incomplete fix for CVE-2016-8698)

podofo: NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp)

podofo: NULL pointer dereference in PoDoFo::PdfXObject::PdfXObject (PdfXObject.cpp)

podofo: NULL pointer dereference in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)

podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h)

podofo: NULL pointer dereference in PoDoFo::PdfColor::operator= (PdfColor.cpp)

podofo: global buffer overflow in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp)

podofo: heap-based buffer overflow in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h)

podofo: NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp)

podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h)

Recent Posts

Recent Comments

Archives

Categories

Meta