Secunia Research has discovered a vulnerability in EasyHDR Pro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when reading Radiance RGBE (*.hdr) files. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Radiance RGBE file. Successful exploitation allows execution of arbitrary code.
502aa20f90bf8ac76a51febb63dc82bde4517976821a113057dc8906935e7a1fSecunia Research has discovered two vulnerabilities in DevIL, which can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to boundary errors within the "iGetHdrHeader()" function in src-IL/src/il_hdr.c. These can be exploited to cause a stack-based buffer overflow when processing specially crafted Radiance RGBE files. Successful exploitation allows execution of arbitrary code. Version 1.7.4 is affected.
2db7537f7ae4f1844e1079774d8e106853f8bddb5ad266889cca2a1bd47eac1aSecunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system. Version 1.63.5 is affected.
0c8bfbaaca5cc084c2c85ddbb2c6716f33329be58d9b2d16ad9cc4ec374f5157Secunia Research has discovered a vulnerability in Motion, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "read_client()" function in webhttpd.c. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted request to the HTTP control interface. Successful exploitation allows execution of arbitrary code, but requires that the Motion HTTP control interface is enabled. Versions below 3.2.10.1 are affected.
a53ee27484af973ec3d9be1a6e9f77dc22d182b1f4531f1f2fef4d035f031a4bSecunia Research has discovered a vulnerability in XnView, NConvert, and GFL SDK, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing the "format" keyword of Sun TAAC files. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a specially crafted Sun TAAC file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.70 of XnView for Linux and FreeBSD, XnView 1.93.6 for Windows, GFL SDK 2.82, and NConvert 4.92. Other versions may also be affected.
6d513fbba9ac630cb473e7094e4a5581a9466f3b53e85402becb12abda7c023eSecunia Research has discovered two vulnerabilities in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. imlib2 version 1.4.0 is affected.
492f91d706882a5fb47f967879cf1859be511b2b1b12b3b2a76195a3a3e14618Secunia Research has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when importing palette files. Versions 3.99 and 4.00 are affected.
474b6d103845f885798f337b3763aa6996a3585ba093c8718d1362f60f30a973Secunia Research has discovered a vulnerability in KVIrc, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "parseIrcUrl()" function in src/kvirc/kernel/kvi_ircurl.cpp not properly sanitizing parts of the URI when building the command for KVIrc's internal script system. KVIrc version 3.2.0 is affected.
187e48b0153904c34ee74cfe316558697a18e2cf35a81db6048183a191cc5df2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed