Secunia Research has discovered a vulnerability in EasyHDR Pro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when reading Radiance RGBE (*.hdr) files. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Radiance RGBE file. Successful exploitation allows execution of arbitrary code.
502aa20f90bf8ac76a51febb63dc82bde4517976821a113057dc8906935e7a1f
Secunia Research has discovered two vulnerabilities in DevIL, which can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to boundary errors within the "iGetHdrHeader()" function in src-IL/src/il_hdr.c. These can be exploited to cause a stack-based buffer overflow when processing specially crafted Radiance RGBE files. Successful exploitation allows execution of arbitrary code. Version 1.7.4 is affected.
2db7537f7ae4f1844e1079774d8e106853f8bddb5ad266889cca2a1bd47eac1a
Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system. Version 1.63.5 is affected.
0c8bfbaaca5cc084c2c85ddbb2c6716f33329be58d9b2d16ad9cc4ec374f5157
Secunia Research has discovered a vulnerability in Motion, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "read_client()" function in webhttpd.c. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted request to the HTTP control interface. Successful exploitation allows execution of arbitrary code, but requires that the Motion HTTP control interface is enabled. Versions below 3.2.10.1 are affected.
a53ee27484af973ec3d9be1a6e9f77dc22d182b1f4531f1f2fef4d035f031a4b
Secunia Research has discovered a vulnerability in XnView, NConvert, and GFL SDK, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing the "format" keyword of Sun TAAC files. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a specially crafted Sun TAAC file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.70 of XnView for Linux and FreeBSD, XnView 1.93.6 for Windows, GFL SDK 2.82, and NConvert 4.92. Other versions may also be affected.
6d513fbba9ac630cb473e7094e4a5581a9466f3b53e85402becb12abda7c023e
Secunia Research has discovered two vulnerabilities in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. imlib2 version 1.4.0 is affected.
492f91d706882a5fb47f967879cf1859be511b2b1b12b3b2a76195a3a3e14618
Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when importing palette files. Versions 3.99 and 4.00 are affected.
474b6d103845f885798f337b3763aa6996a3585ba093c8718d1362f60f30a973
Secunia Research has discovered a vulnerability in KVIrc, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "parseIrcUrl()" function in src/kvirc/kernel/kvi_ircurl.cpp not properly sanitizing parts of the URI when building the command for KVIrc's internal script system. KVIrc version 3.2.0 is affected.
187e48b0153904c34ee74cfe316558697a18e2cf35a81db6048183a191cc5df2