Imageworsener
Sign in to watchby Entropymine
CVEs (20)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8326 | Hig | 0.57 | 8.8 | 0.01 | Apr 29, 2017 | libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c. | |
| CVE-2017-8325 | Hig | 0.57 | 8.8 | 0.01 | Apr 29, 2017 | The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image. | |
| CVE-2017-9207 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | |
| CVE-2017-9206 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c. | |
| CVE-2017-9205 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | |
| CVE-2017-9204 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | |
| CVE-2017-9203 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c. | |
| CVE-2017-9202 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c. | |
| CVE-2017-9201 | Med | 0.42 | 6.5 | 0.00 | May 23, 2017 | imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c. | |
| CVE-2017-9094 | Med | 0.42 | 6.5 | 0.00 | May 19, 2017 | The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image. | |
| CVE-2017-9093 | Med | 0.42 | 6.5 | 0.00 | May 19, 2017 | The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image. | |
| CVE-2017-8327 | Med | 0.42 | 6.5 | 0.00 | Apr 29, 2017 | The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image. | |
| CVE-2017-7962 | Med | 0.36 | 5.5 | 0.01 | Apr 19, 2017 | The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | |
| CVE-2017-7940 | Med | 0.36 | 5.5 | 0.00 | Apr 18, 2017 | The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | |
| CVE-2017-7939 | Med | 0.36 | 5.5 | 0.00 | Apr 18, 2017 | The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file. | |
| CVE-2017-7624 | Med | 0.36 | 5.5 | 0.00 | Apr 10, 2017 | The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file. | |
| CVE-2017-7623 | Med | 0.36 | 5.5 | 0.00 | Apr 10, 2017 | The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | |
| CVE-2017-7454 | Med | 0.36 | 5.5 | 0.00 | Apr 6, 2017 | The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | |
| CVE-2017-7453 | Med | 0.36 | 5.5 | 0.00 | Apr 6, 2017 | The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | |
| CVE-2017-7452 | Med | 0.36 | 5.5 | 0.00 | Apr 6, 2017 | The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. |