Category Archives: security

libtiff: assertion failure in readSeparateTilesIntoBuffer (tiffcp.c)

Posted on January 1, 2017 by ago

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed an assertion failure. The complete output: # tiffcp -i $FILE /tmp/foo tiffcp: … Continue reading →

Posted in advisories, security | Leave a comment

libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)

Posted on January 1, 2017 by ago

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed a stack buffer overflow. The complete ASan output: # tiffsplit $FILE TIFFReadDirectory: … Continue reading →

Posted in advisories, security | 1 Comment

libtiff: memcpy-param-overlap in t2p_tile_collapse_left (tiff2pdf.c)

Posted on January 1, 2017 by ago

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. A crafted tiff file revealed a memcpy-param-overlap. The complete ASan output: # tiff2pdf $FILE -o foo TIFFReadDirectoryCheckOrder: … Continue reading →

Posted in advisories, security | Leave a comment

libtiff: multiple heap-based buffer overflow

Posted on January 1, 2017 by ago

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. Some crafted images, through a fuzzing revealed multiple overflow. Since the number of the issues, I will … Continue reading →

Posted in advisories, security | 1 Comment

libtiff: multiple divide-by-zero

Posted on January 1, 2017 by ago

Description: Libtiff is a software that provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. Some crafted images, through a fuzzing revealed multiple division by zero. Since the number of the issues, … Continue reading →

Posted in advisories, security | Leave a comment

graphicsmagick: memory allocation failure in MagickRealloc (memory.c)

Posted on December 1, 2016 by ago

Description: Graphicsmagick is an Image Processing System. This is an old memory failure, discovered time ago. The maintainer, Mr. Bob Friesenhahn was able to reproduce the issue; I’m quoting his feedback about: The problem is that the embedded JPEG data … Continue reading →

Posted in advisories, security | 1 Comment

libming: listswf: NULL pointer dereference in dumpBuffer (read.c)

Posted on December 1, 2016 by ago

Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way.. A fuzzing revealed a null pointer access in listswf. The bug does not reside … Continue reading →

Posted in advisories, security | Leave a comment

libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c)

Posted on December 1, 2016 by ago

Description: libming is a Flash (SWF) output library. It can be used from PHP, Perl, Ruby, Python, C, C++, Java, and probably more on the way.. A fuzzing revealed an overflow in listswf. The bug does not reside in any … Continue reading →

Category Archives: security

libtiff: assertion failure in readSeparateTilesIntoBuffer (tiffcp.c)

libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)

libtiff: memcpy-param-overlap in t2p_tile_collapse_left (tiff2pdf.c)

libtiff: multiple heap-based buffer overflow

libtiff: multiple divide-by-zero

graphicsmagick: memory allocation failure in MagickRealloc (memory.c)

libming: listswf: NULL pointer dereference in dumpBuffer (read.c)

libming: listswf: heap-based buffer overflow in _iprintf (outputtxt.c)

libming: listswf: heap-based buffer overflow in parseSWF_RGBA (parser.c)

libming: listswf: heap-based buffer overflow in parseSWF_DEFINEFONT (parser.c)

Recent Posts

Recent Comments

Archives

Categories

Meta