VYPR

Xcftools

by Henning Makholm

CVEs (3)

  • CVE-2019-5087HigNov 21, 2019
    risk 0.57cvss 8.8epss 0.04

    An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually…

  • CVE-2019-5086HigNov 21, 2019
    risk 0.57cvss 8.8epss 0.03

    An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary…

  • CVE-2009-2175Jun 23, 2009
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the (1) xcf2pnm and (2) xcf2png utilities, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image that…