«
Expand/Collapse
196 items tagged "image"
Related tags:
txt [+],
tiff image [+],
tiff [+],
paint shop pro image [+],
buffer overflow [+],
advanced [+],
adobe [+],
linux security [+],
imagemagick [+],
gold [+],
exchangeable image file format [+],
disclosure [+],
apple quicktime [+],
yvs [+],
microsoft [+],
mandriva linux [+],
image viewer [+],
image file [+],
hacks [+],
free image [+],
flashpix [+],
buffer [+],
windows bitmap [+],
tiff import [+],
selectapix [+],
office [+],
microsoft photo editor [+],
gallery 1 [+],
bmp image [+],
adobe image [+],
vulnerability [+],
wordpress [+],
script [+],
pcx image [+],
jpeg [+],
x window system [+],
x window [+],
webapps [+],
memory [+],
heap [+],
file upload [+],
exploits [+],
digital [+],
bmp [+],
absolute image [+],
zero day [+],
zero [+],
yabsoft [+],
xnview [+],
uninitialized [+],
store [+],
stack overflow [+],
stack buffer [+],
spam image [+],
spam [+],
search [+],
script version [+],
script sql [+],
proof of concept [+],
perspective design [+],
perspective [+],
overflow vulnerability [+],
metasploit framework [+],
memory corruption [+],
maxsite [+],
mandriva [+],
loop [+],
logic error [+],
jpeg 2000 [+],
jasper [+],
insufficient checks [+],
inclusion [+],
image store [+],
image search engine [+],
image processing [+],
image perspective [+],
image manager [+],
image load [+],
image host [+],
graphic filter [+],
gold version [+],
forgery [+],
design [+],
cross site scripting [+],
conduit [+],
buffer overflows [+],
automation [+],
ajax [+],
active x [+],
webkit [+],
viscom [+],
user [+],
upload [+],
svg [+],
sql [+],
remote shell [+],
remote [+],
process [+],
preferred image [+],
php [+],
pcx [+],
passwd [+],
new image [+],
multitouch [+],
integer overflow vulnerability [+],
image pattern [+],
image dimensions [+],
image base [+],
host [+],
hollowing [+],
gdip [+],
function [+],
default [+],
change mail [+],
case [+],
cameras [+],
apple mac os x [+],
apple mac os [+],
ananda [+],
agent [+],
accelerometer [+],
Newbie [+],
Area [+],
4images image [+],
file [+],
gimp [+],
xss [+],
x internet [+],
x ichat [+],
warns [+],
vulnerabilities [+],
vmware [+],
videoprojecteur [+],
video projector [+],
usn [+],
update [+],
treat [+],
transfer [+],
track [+],
tiff library [+],
stupid question [+],
stefan cornelius [+],
softbiz [+],
sip [+],
simple [+],
server image [+],
server [+],
security case [+],
security [+],
secunia [+],
script v1 [+],
scam [+],
samuel sargent [+],
safer use [+],
resizer [+],
research [+],
question [+],
psp image [+],
psp [+],
projectors [+],
projector [+],
pov [+],
piwip [+],
pivotx [+],
piezo buzzer [+],
photoshopped [+],
panoramic image [+],
panoramic [+],
overhead projector [+],
omnitouch [+],
nikon [+],
neal [+],
myimages [+],
music [+],
multiple buffer overflow [+],
multiple [+],
module [+],
misc [+],
microcontrollers [+],
merci [+],
memory information [+],
megapixel image [+],
max msp [+],
max [+],
matrix clock [+],
matrix [+],
mail admin [+],
macro lens [+],
macro images [+],
macro [+],
mac [+],
logic [+],
log [+],
linux [+],
light image [+],
light [+],
library [+],
lens [+],
krazy [+],
kolab groupware [+],
kevin finisterre [+],
john [+],
inline [+],
information disclosure vulnerability [+],
information disclosure [+],
imlib [+],
image upload [+],
image structures [+],
image resizer [+],
image projector [+],
image galleries [+],
image factory [+],
image authentication system [+],
hostos [+],
horde [+],
homeworlds [+],
hijacking [+],
hardware upgrade [+],
groupware server [+],
gray scale image [+],
gejosoft [+],
gallery management [+],
galleries [+],
free [+],
flood light [+],
facebook [+],
eyeos [+],
enabled [+],
email [+],
dxl [+],
dupe [+],
dsa [+],
dr dos [+],
diy [+],
display [+],
disk image [+],
disk [+],
directory traversal vulnerability [+],
digital images [+],
digital image [+],
different colored pens [+],
dev [+],
denial of service [+],
debutant [+],
debian linux [+],
daniel [+],
dan rosenberg [+],
cve [+],
concept [+],
clock [+],
chris mckenzie [+],
chris harrison [+],
chance [+],
breadboarding [+],
box [+],
boot [+],
bmp jpeg [+],
bmp image files [+],
blair [+],
bet [+],
bauble [+],
ball [+],
automated system [+],
authentication [+],
audio [+],
arbitrary code [+],
apple safari [+],
apple os x [+],
apple os [+],
apple itunes [+],
apple [+],
aperture ring [+],
alien [+],
activex [+],
acdsee [+],
Espace [+],
BackTrack [+],
image gallery [+],
hosting [+],
gallery [+],
buffer overflow vulnerability [+],
code execution [+],
based buffer overflow [+],
gif [+],
day [+],
viewer [+],
shell [+],
red hat security [+],
gif image [+]
-
-
10:01
»
Hack a Day
This image should look familiar to regular readers. It’s a concept that [Chris Harrison] has been working on for a while, and this hardware upgrade uses equipment which which we’re all familiar. The newest rendition, which is named the Omnitouch, uses a shoulder-mounted system for both input and output. The functionality is the same as [...]
-
-
7:36
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-078 - Multiple vulnerabilities has been found and corrected in imagemagick. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
-
7:36
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2012-078 - Multiple vulnerabilities has been found and corrected in imagemagick. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
-
7:36
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2012-078 - Multiple vulnerabilities has been found and corrected in imagemagick. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
-
-
12:29
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
-
-
13:04
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0544-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.
-
13:04
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0544-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.
-
13:03
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0545-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.
-
13:03
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0545-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.
-
-
14:01
»
Hack a Day
This image contains a hidden audio track which you’re very familiar with. Well, it used to. We’d bet we messed up the careful encoding that [Chris McKenzie] used to hide data within an image when we resized the original. He’s using a method called Steganography to hide a message in plain sight. Since digital images [...]
-
-
7:14
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1807-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer to crash or, potentially, execute arbitrary code.
-
7:14
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1807-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer to crash or, potentially, execute arbitrary code.
-
7:14
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1807-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer to crash or, potentially, execute arbitrary code.
-
10:21
»
Hack a Day
So we saw this tip come in and thought–oh, another POV device. We watched the video (embedded after the break), took a sip of coffee, then almost sprayed the beverage all over the computer when we realized that this uses a diy sensor to synchronize the POV image. [Ch00f] came up with the idea for [...]
-
-
10:56
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-299 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe 2D.x3d PICT image parsing routines. When Adobe Reader parses an PICT image it uses a static buffer to store certain image header values. Due to insufficient checks for the end of the buffer it is possible to write outside the stack buffer. The resulting stack overflow could result in remote code execution under the context of the current user.
-
10:56
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-299 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe 2D.x3d PICT image parsing routines. When Adobe Reader parses an PICT image it uses a static buffer to store certain image header values. Due to insufficient checks for the end of the buffer it is possible to write outside the stack buffer. The resulting stack overflow could result in remote code execution under the context of the current user.
-
10:56
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-299 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe 2D.x3d PICT image parsing routines. When Adobe Reader parses an PICT image it uses a static buffer to store certain image header values. Due to insufficient checks for the end of the buffer it is possible to write outside the stack buffer. The resulting stack overflow could result in remote code execution under the context of the current user.
-
10:56
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-298 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .IFF image. While it tries to copy the image data from the RGBA chunk insufficient boundary checks are performed on a row counter which could lead to a heap overflow. This could result in remote code execution with the rights of the current user.
-
10:56
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-298 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .IFF image. While it tries to copy the image data from the RGBA chunk insufficient boundary checks are performed on a row counter which could lead to a heap overflow. This could result in remote code execution with the rights of the current user.
-
10:56
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-298 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .IFF image. While it tries to copy the image data from the RGBA chunk insufficient boundary checks are performed on a row counter which could lead to a heap overflow. This could result in remote code execution with the rights of the current user.
-
10:56
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-297 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .PCX image it creates a 32 bits loop counter based on the height and width of the image. It then enters a loop to copy data from the file in to a memory buffer, but the loop counter used in that function is only a 16 bit integer and as such can never reach the end of the loop when the max loop counter is bigger then 0xFFFF. Exploitation of this issue allows for remote code execution under the context of the user running the application.
-
10:56
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-297 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .PCX image it creates a 32 bits loop counter based on the height and width of the image. It then enters a loop to copy data from the file in to a memory buffer, but the loop counter used in that function is only a 16 bit integer and as such can never reach the end of the loop when the max loop counter is bigger then 0xFFFF. Exploitation of this issue allows for remote code execution under the context of the user running the application.
-
10:56
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-297 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .PCX image it creates a 32 bits loop counter based on the height and width of the image. It then enters a loop to copy data from the file in to a memory buffer, but the loop counter used in that function is only a 16 bit integer and as such can never reach the end of the loop when the max loop counter is bigger then 0xFFFF. Exploitation of this issue allows for remote code execution under the context of the user running the application.
-
-
14:52
»
Hack a Day
This odd-looking ball can automatically take a panoramic image whenever you throw it up into the air. Seriously, that’s then entire set of operating instructions for the device. Inside, a 3D printed frame hosts an array of 36 cellphone cameras, each capable of taking a two megapixel image. Also included is an accelerometer. When it [...]
-
-
6:49
»
Packet Storm Security Recent Files
Whitepaper called Process Hollowing. Process hollowing is yet another tool in the kit of those who seek to hide the presence of a process. The idea is rather straight forward: a bootstrap application creates a seemingly innocent process in a suspended state. The legitimate image is then unmapped and replaced with the image that is to be hidden. If the preferred image base of the new image does not match that of the old image, the new image must be rebased. Once the new image is loaded in memory the EAX register of the suspended thread is set to the entry point. The process is then resumed and the entry point of the new image is executed.
-
6:49
»
Packet Storm Security Misc. Files
Whitepaper called Process Hollowing. Process hollowing is yet another tool in the kit of those who seek to hide the presence of a process. The idea is rather straight forward: a bootstrap application creates a seemingly innocent process in a suspended state. The legitimate image is then unmapped and replaced with the image that is to be hidden. If the preferred image base of the new image does not match that of the old image, the new image must be rebased. Once the new image is loaded in memory the EAX register of the suspended thread is set to the entry point. The process is then resumed and the entry point of the new image is executed.
-
-
12:02
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2011-132 - Multiple vulnerabilities have been identified and fixed in pidgin. It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() did not properly handle certain return values from its subroutines. A remote attacker could provide a specially-crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure. Various other issues were also addressed.
-
12:02
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2011-132 - Multiple vulnerabilities have been identified and fixed in pidgin. It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() did not properly handle certain return values from its subroutines. A remote attacker could provide a specially-crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure. Various other issues were also addressed.
-
12:02
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2011-132 - Multiple vulnerabilities have been identified and fixed in pidgin. It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() did not properly handle certain return values from its subroutines. A remote attacker could provide a specially-crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure. Various other issues were also addressed.
-
-
7:08
»
Packet Storm Security Exploits
WordPress Image Gallery with Slideshow plugin versions 1.5 and below suffer from remote SQL injection and shell upload vulnerabilities.
-
-
23:02
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0839-01 - The GIMP is an image composition and editing program. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
23:02
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0839-01 - The GIMP is an image composition and editing program. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
23:02
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0839-01 - The GIMP is an image composition and editing program. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
22:58
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0838-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
22:58
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0838-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
22:58
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0838-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
22:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0837-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
22:57
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0837-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
22:57
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0837-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.
-
-
14:24
»
Hack a Day
[Samuel Sargent] built his own lens for making stacked macro images.This project, which was completed as part of his senior thesis, utilizes a Zeiss enlarger lens. The aperture ring was broken, making it difficult to tell how much light was being let into the camera. Instead of scrapping the whole thing he turned it around, [...]
-
-
13:01
»
Hack a Day
There’s a pretty good chance that you already have everything needed to make this image projector. We thought that yesterday’s video projector was simple, but this one makes it look like a super-computer in comparison. [Esrun] grabbed a flood light, some transparency film, and a common magnifying glass for use in his still-image project. This [...]
-
-
13:34
»
Packet Storm Security Advisories
Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
-
13:34
»
Packet Storm Security Recent Files
Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
-
13:34
»
Packet Storm Security Misc. Files
Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
-
13:18
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianess of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image. Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
-
13:18
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianess of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image. Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
-
13:18
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianess of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image. Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
-
-
14:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 993-1 - Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.
-
-
8:57
»
Hack a Day
Normally when we feature a clock made with a 32×8 LED matrix we’d load up an image of the display for the banner photo. But this time around we were so impressed by [JB's] breadboard work we had to use this image. We see an ATmega168, three buttons, three LEDs, a piezo buzzer, 32.768 kHz [...]
-
-
12:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-166 - Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. The updated packages have been patched to correct this issue.
-
12:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-166 - Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. The updated packages have been patched to correct this issue.
-
-
1:01
»
Packet Storm Security Advisories
Ubuntu Security Notice 954-1 - Kevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. Dan Rosenberg and Sauli Pahlman discovered multiple flaws in the TIFF library. If a user or automated system were into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service.
-
-
20:23
»
SecuriTeam
A vulnerability was discovered in imlib2, which can be exploited by malicious people to compromise an application using the library.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
12:00
»
Hack a Day
This is an interesting take on a music box. [Blair Neal] is using an overhead projector with a roll of transparency to make a synthesized music box. A camera watches the projected image and feeds data to Max/MSP to produce the sounds. Customization merely requires creative image analysis. In this case, different colored pens or [...]
-
-
20:00
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in imlib2, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused by a logic error within the IMAGE_DIMENSIONS_OK() macro in src/lib/image.h. This can be exploited to cause heap-based buffer overflows via e.g. specially crafted ARGB, XPM, and BMP image files.
-
-
9:00
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2029-1 - It was discovered that imlib2, a library to load and process several image formats, did not properly process various image file types. Several heap and stack based buffer overflows - partly due to integer overflows - in the ARGB, BMP, JPEG, LBM, PNM, TGA and XPM loaders can lead to the execution of arbitrary code via crafted image files.
-
-
14:17
»
remote-exploit & backtrack
i downloaded an image of slax. Successfully burnt it to a bootable disc and can boot from it, but when I do I just get Calderas dr dos. How do I just boot the os?
-
7:30
»
Hack a Day
[Daniel] wrote in to show us the project his group has been working on. It is a massive display wall consisting of 28 projectors and 30 computers. With a resolution of 7168×3072, viewing a 13.3 gigapixel image is a treat. That treat is made even stronger by the fact that navigating [...]
-
-
0:59
»
remote-exploit & backtrack
Hello.
Probably it makes more sense for most users to have the BT4 VMWare Image
(bt4-final-vm.zip) run under VMWare with Windows as HostOS...
Are there any known problems if the HostOS is Linux/Debian?
Thank's a lot for any feedback!
John
-
-
3:59
»
remote-exploit & backtrack
Bonjour,
Je dois brancher un PC à un videoprojecteur. J'aimerais savoir comment configurer BackTrack 4.0 pour qu'il puisse balancer l'image sur le videoprojecteur ?
Merci
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution