|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 2558 CVE : CVE-2007-1943 CVE : CVE-2007-1942 CVE : CVE-2007-1948 CVE : CVE-2007-1946 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Exploit Given : Yes Credit : Ivan Fratric (ifsecure gmail com) Published : 13.04.2007
Advisory Text : I made a small research covering security of several Windows offline image viewers. Although, when discussing security of image viewing software, web browsers are usually implied, since they will be on the 'front lines' in the unsafe environment such as the Internet, this research lists several cases in which you may open potentially dangerous image file with your favorite image viewer. The viewers tested are: ACDSee, IrfranView and FastStone image viewer (current versions at the date of testing). The testing involved opening windows bitmap (.bmp) images specially crafted to cause buffer overflows in certain cases, if such cases are not handled properly by the opening application. Unusual results and crashes were noted. The test results demonstrated multiple vulnerabilities in the viewers tested. A possible bug in Windows explorer on XP SP1 is also presented. You can see the complete report at http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |