Описание
Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| hardy | released | 1.6.0-13ubuntu0.1 |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | released | 1.6.0-13+lenny2build0.9.04.1 |
| karmic | released | 1.6.0-14ubuntu0.1 |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | released | 1.6.0-15 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| hardy | released | 1:2.2.0-2ubuntu2.1 |
| intrepid | released | 1:2.2.0-3ubuntu0.1 |
| jaunty | released | 1:2.2.0-4+lenny2build0.9.04.1 |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | released | 1:3.0.1-3 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function.
Multiple integer overflows in CamlImages 2.2 and earlier might allow c ...
Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function.
EPSS
7.5 High
CVSS2