Henices

**Name of the Vulnerable Software and Affected Versions** Vim versions prior to 9.0.2142 **Description** The issue is related to a stack-based buffer overflow in the `did set langmap()` function of the Vim text editor. This overflow occurs because `did set langmap` in `map.c` calls `sprintf` to write to the error buffer that is passed down to the option callback functions. Exploitation of this issue may allow an attacker to execute arbitrary code. **Recommendations** For versions prior to 9.0.2142, update to version 9.0.2142 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `did set langmap()` function in `map.c` until a patch is applied. Additionally, be cautious when using the `sprintf` function to write to the error buffer, as it may lead to a stack-based buffer overflow.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27.3 **Description** The issue is related to an integer overflow in the `CrwMap::encode0x1810` function of Exiv2, which can be exploited by attackers to trigger a heap-based buffer overflow, causing a denial of service (DOS) via crafted metadata. This can be achieved by remotely exploiting the vulnerability with specially designed metadata. **Recommendations** For Exiv2 version 0.27.3, consider disabling the `CrwMap::encode0x1810` function as a temporary workaround until a patch is available. Restrict access to crafted metadata to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Exiv2 versions v0.27.3 and earlier **Description** The issue is related to an out-of-bounds read in the Exiv2 library, which can be triggered when writing metadata into a crafted image file. This could potentially allow a remote attacker to cause a denial of service by crashing Exiv2 if they can trick the victim into running Exiv2 on a crafted image file. The bug is less frequently triggered since it occurs during metadata writing, a less common operation than reading metadata. **Recommendations** For Exiv2 versions v0.27.3 and earlier, update to version v0.27.4 to resolve the issue. As a temporary workaround, consider avoiding the use of the metadata writing functionality in Exiv2 until the update is applied.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.7-16 **Description** The issue is related to an infinite loop in the ReadTXTImage function of the coders/txt.c component. This allows a remote attacker to cause a denial of service, specifically CPU exhaustion, by exploiting the vulnerability with a specially crafted image file. **Recommendations** For ImageMagick version 7.0.7-16, consider disabling the ReadTXTImage function in coders/txt.c as a temporary workaround until a patch is available. Restrict access to the coders/txt.c component to minimize the risk of exploitation. Avoid using the GetImageIndexInList call with untrusted image files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-16 **Description** A denial of service issue was found in the `ReadMIFFImage` function in `coders/miff.c`, allowing attackers to cause CPU exhaustion via a crafted MIFF image file. This issue can be exploited by remote attackers using a specially crafted MIFF image, leading to a denial of service. **Recommendations** For ImageMagick version 7.0.7-16, consider disabling the `ReadMIFFImage` function in `coders/miff.c` as a temporary workaround to minimize the risk of exploitation. Restrict access to MIFF image files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-16 Q16 **Description** A denial of service issue exists due to excessive iteration in the `ReadOnePNGImage` function in `coders/png.c`, allowing remote attackers to cause a denial of service via a crafted mng image file. This can lead to a large loop in `ReadOneMNGImage`. **Recommendations** For ImageMagick version 7.0.7-16 Q16, consider disabling the `ReadOnePNGImage` function in `coders/png.c` as a temporary workaround to prevent exploitation until a patch is available. Restrict access to handling mng image files to minimize the risk of denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-12 Q16 **Description** A large loop issue was found in the ExtractPostscript function in the coders/wpg.c component, allowing attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file. The vulnerability is related to an error in the resource control mechanism, which can be exploited by a remote attacker using a specially crafted wpg image to trigger a denial of service. **Recommendations** For ImageMagick version 7.0.7-12 Q16, consider disabling the ExtractPostscript function in the coders/wpg.c component as a temporary workaround to minimize the risk of exploitation. Restrict access to the ReadWPGImage call to prevent CPU exhaustion attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.7-12 Q16 **Description** The issue is related to an infinite loop in the `ReadPSDChannelZip` function in `coders/psd.c`, which can be exploited by attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file. This allows a remote attacker to disrupt service using a specially crafted psd image. **Recommendations** For ImageMagick version 7.0.7-12 Q16, as a temporary workaround, consider disabling the `ReadPSDChannelZip` function in `coders/psd.c` until a patch is available. Restrict access to handling psd image files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.7-12 Q16 Description: A CPU exhaustion issue was found in the `ReadDDSInfo` function in `coders/dds.c`, allowing attackers to cause a denial of service. This issue is related to uncontrolled resource consumption, which can be exploited by a remote attacker to cause a service disruption. Recommendations: For ImageMagick version 7.0.7-12 Q16, consider disabling the `ReadDDSInfo` function in `coders/dds.c` as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 6.0 through 7.1.1 **Description** The issue is caused by a buffer overflow in the Mediaserver service of the Android operating system. This can be exploited by a remote attacker using a specially crafted file to inject arbitrary code, potentially causing memory corruption during media file or data processing. The issue affects the libhevc library and is considered critical due to the possibility of remote code execution within the context of the Mediaserver process. **Recommendations** For Android versions 6.0 through 7.1.1, update to a version that contains a fix for this issue to prevent potential memory corruption and arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.