CVE-2019-5086

CVSS v3 Score: 7.5 (High)
CVSS v2 Score: 6.8 (Medium)

Vulnerability Description

An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file.

CVSS:7.5(High)

Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.

CVSS:7.5(High)

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NO...

CVSS:7.5(High)

Out-of-bounds read vulnerability in the interpreter string module. Impact: Successful exploitation of this vulnerability may affect availability.

CVSS:7.5(High)

Buffer overflow vulnerability in the codec module. Impact: Successful exploitation of this vulnerability may affect availability.

CVSS:7.3(High)

An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, which can result in arbitrary code execut...

CVSS:7.3(High)

An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code executi...