Описание
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| xv | removed | package |
Связанные уязвимости
CVSS3: 9.8
nvd
почти 8 лет назад
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
CVSS3: 9.8
github
больше 3 лет назад
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.