Jason Summers

15 exploits, active since Apr 2017
CVE-2017-7962 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.0 - Denial of Service via Crafted File in iwgif_read_image
The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
CVSS 5.5
CVE-2017-8325 WRITEUP HIGH WRITEUP
ImageWorsener < 1.3.1 - Heap-Based Buffer Overflow in iw_process_cols_to_intermediate
The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image.
CVSS 8.8
CVE-2017-8326 WRITEUP HIGH WRITEUP
ImageWorsener < 1.3.0 - Denial of Service via Integer Overflow in BMP Processing
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c.
CVSS 8.8
CVE-2017-8327 WRITEUP MEDIUM WRITEUP
ImageWorsener < 1.3.0 - Denial of Service via BMP Image Parsing
The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image.
CVSS 6.5
CVE-2017-9201 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Denial of Service via Divide-by-Zero in Image Processing
imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.
CVSS 6.5
CVE-2017-9202 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Denial of Service via Divide-by-Zero in imagew-cmd.c
imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.
CVSS 6.5
CVE-2017-9203 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Denial of Service via Crafted BMP Image
imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c.
CVSS 6.5
CVE-2017-9204 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Denial of Service via Crafted JPEG Image
The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.
CVSS 6.5
CVE-2017-9205 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Denial of Service via Crafted JPEG Image
The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.
CVSS 6.5
CVE-2017-9206 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Denial of Service via Heap-Based Buffer Over-Read in iw_get_ui16le
The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.
CVSS 6.5
CVE-2017-9207 WRITEUP MEDIUM WRITEUP
ImageWorsener 1.3.1 - Heap-Based Buffer Over-Read in iw_get_ui16be
The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.
CVSS 6.5
CVE-2021-28855 WRITEUP MEDIUM WRITEUP
deark < 1.5.8 - NULL Pointer Dereference in dbuf_write Function
In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c).
CVSS 5.5
CVE-2021-28856 WRITEUP MEDIUM WRITEUP
Deark < 1.5.8 - Denial of Service via Division by Zero in fmtutil.c
In Deark before v1.5.8, a specially crafted input file can cause a division by zero in src/fmtutil.c because of the value of pixelsize.
CVSS 5.5
CVE-2022-43289 WRITEUP HIGH WORKING POC
Deark 1.6.2 - Stack Overflow in do_prism_read_palette Function
Deark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c.
CVSS 7.8
EIP-2026-115822 EXPLOITDB text WRITEUP
Microsoft Windows XP - 'explorer.exe .tiff' Image Denial of Service