|
Multiple image viewers multiple security vulnerabilities
updated since 05.04.2007 | | Published: |  | 02.11.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7535 | | Type: |  | client | | Level: |  | 6/10 | | Description: |  | Multiple buffer overflows on BPM, TIFF, XPM, CLP, PSP, RAS, IFF, PNG images parsing. |
| Affected: |  | ADOBE : Photoshop CS2 | | | | GNU : GIMP 2.2 | | | | IRFANVIEW : IrfanView 3.99 | | | | ACD : ACDSee 9.0 | | | | FASTSTONE : FastStone Image Viewer 2.9 | | | | IRFANVIEW : IrfanView 4.0 | | | | ADOBE : Photoshop CS3 | | | | ADOBE : Photoshop Elements 5.0 | | | | COREL : Paint Shop Pro 11.20 | | | | ABCVIEW : ABC-View Manager 1.42 | | | | XNVIEW : XnView 1.90 | | | | PHOTOFILTRE : Photofiltre Studio 8.1 | | CVE: |  | CVE-2007-4344 | | | | CVE-2007-2366 (Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.) | | | | CVE-2007-2366 (Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.) | | | | CVE-2007-2365 (Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.) | | | | CVE-2007-2365 (Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.) | | | | CVE-2007-2363 (Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.) | | | | CVE-2007-2363 (Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.) | | | | CVE-2007-1948 (Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrated by rle8of3.bmp and rle8of4.bmp.) | | | | CVE-2007-1946 (Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp.) | | | | CVE-2007-1943 (Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp.) | | | | CVE-2007-1942 (Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp.) |
|
|
|
|
|
