oss-sec mailing list archives

imageworsener: multiple vulnerabilities

From: Agostino Sarubbo <ago () gentoo org>
Date: Sun, 23 Apr 2017 12:52:16 +0200

There are some other vulnerabilities discovered by 'bestshow' and fixed in 
imageworsener:

CVE-2017-7452
NULL pointer dereference in iwbmp_read_info_header
https://github.com/jsummers/imageworsener/issues/8


CVE-2017-7453
NULL pointer dereference in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/9


CVE-2017-7454
heap-buffer-overflow in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/11


CVE-2017-7623
heap-buffer-overflow in iwmiffr_convert_row32
https://github.com/jsummers/imageworsener/issues/12


CVE-2017-7624
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/10


CVE-2017-7939
stack buffer overflow in read_next_pam_token
https://github.com/jsummers/imageworsener/issues/13


CVE-2017-7940
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/18

-- 
Agostino Sarubbo
Gentoo Linux Developer

Current thread:

imageworsener: multiple vulnerabilities Agostino Sarubbo (Apr 23)
- <Possible follow-ups>
- imageworsener: multiple vulnerabilities Agostino Sarubbo (May 23)