Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 23 Apr 2017 12:52:16 +0200
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Subject: imageworsener: multiple vulnerabilities

There are some other vulnerabilities discovered by 'bestshow' and fixed in 
imageworsener:

CVE-2017-7452
NULL pointer dereference in iwbmp_read_info_header
https://github.com/jsummers/imageworsener/issues/8


CVE-2017-7453
NULL pointer dereference in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/9


CVE-2017-7454
heap-buffer-overflow in iwgif_record_pixel
https://github.com/jsummers/imageworsener/issues/11


CVE-2017-7623
heap-buffer-overflow in iwmiffr_convert_row32
https://github.com/jsummers/imageworsener/issues/12


CVE-2017-7624
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/10


CVE-2017-7939
stack buffer overflow in read_next_pam_token
https://github.com/jsummers/imageworsener/issues/13


CVE-2017-7940
memory leak in imagew-cmd
https://github.com/jsummers/imageworsener/issues/18

-- 
Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ