Monthly Archives: August 2017

libfpx: divide-by-zero in CDirVector::GetTable (dirfunc.hxx)

Posted on August 9, 2017 by ago

Description: libfpx is a library for manipulating FlashPIX images. I’m aware that the link to the upstream website does not work. I’m keeping it as well because in the future the upstream website could appear again. Libfpx is not actively … Continue reading →

Posted in advisories, security | Leave a comment

libfpx: NULL pointer dereference in OLEStream::WriteVT_LPSTR (olestrm.cpp)

Posted on August 9, 2017 by ago

Posted in advisories, security | Leave a comment

libfpx: NULL pointer dereference in PFileFlashPixView::GetGlobalInfoProperty (f_fpxvw.cpp)

Posted on August 9, 2017 by ago

Posted in advisories, security | Leave a comment

libfpx: NULL pointer dereference in wchar.c

Posted on August 9, 2017 by ago

Posted in advisories, security | Leave a comment

libfpx: NULL pointer dereference in CDirectory::GetDirEntry (dir.cxx)

Posted on August 9, 2017 by ago

Posted in advisories, security | Leave a comment

libfpx: heap-based buffer overflow in OLEStream::WriteVT_LPSTR (olestrm.cpp)

Posted on August 9, 2017 by ago

Posted in advisories, security | 1 Comment

libfpx: double-free in DfFromLB (docfile.cxx)

Posted on August 9, 2017 by ago

Posted in advisories, security | Leave a comment

graphicsmagick: heap-based buffer overflow in ReadSUNImage (sun.c)

Posted on August 5, 2017 by ago

Description: graphicsmagick is a collection of tools and libraries for many image formats. The complete ASan output of the issue: # gm convert -clip -negate $FILE out ==18510==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000015f4 at pc 0x7f6e936c556b bp 0x7fff17c33ab0 sp 0x7fff17c33aa8 … Continue reading →

Posted in advisories, security | Leave a comment

graphicsmagick: invalid memory read in SetImageColorCallBack (image.c)

Posted on August 5, 2017 by ago

Description: graphicsmagick is a collection of tools and libraries for many image formats. The complete ASan output of the issue: # gm convert -clip -negate $FILE out ==11324==ERROR: AddressSanitizer: SEGV on unknown address 0x7f9ccac18000 (pc 0x7f9dbacf58ce bp 0x7ffec95349c0 sp 0x7ffec9534980 … Continue reading →

Posted in advisories, security | 2 Comments

graphicsmagick: use-after-free in ReadWMFImage (wmf.c)

Posted on August 5, 2017 by ago

Description: graphicsmagick is a collection of tools and libraries for many image formats. The complete ASan output of the issue: # gm convert -negate -clip $FILE out ==24889==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c0000005c0 at pc 0x7fca38d0da52 bp 0x7ffc6119c090 sp 0x7ffc6119c088 … Continue reading →

Posted in advisories, security | 1 Comment

Monthly Archives: August 2017

libfpx: divide-by-zero in CDirVector::GetTable (dirfunc.hxx)

libfpx: NULL pointer dereference in OLEStream::WriteVT_LPSTR (olestrm.cpp)

libfpx: NULL pointer dereference in PFileFlashPixView::GetGlobalInfoProperty (f_fpxvw.cpp)

libfpx: NULL pointer dereference in wchar.c

libfpx: NULL pointer dereference in CDirectory::GetDirEntry (dir.cxx)

libfpx: heap-based buffer overflow in OLEStream::WriteVT_LPSTR (olestrm.cpp)

libfpx: double-free in DfFromLB (docfile.cxx)

graphicsmagick: heap-based buffer overflow in ReadSUNImage (sun.c)

graphicsmagick: invalid memory read in SetImageColorCallBack (image.c)

graphicsmagick: use-after-free in ReadWMFImage (wmf.c)

Recent Posts

Recent Comments

Archives

Categories

Meta