Описание
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:3.5.12-1 |
| esm-infra-legacy/trusty | released | 1:3.5.10-1ubuntu0.1 |
| esm-infra/xenial | released | 1:3.5.11-1ubuntu0.16.04.1 |
| precise | released | 1:3.5.9-4ubuntu0.1 |
| trusty | released | 1:3.5.10-1ubuntu0.1 |
| trusty/esm | released | 1:3.5.10-1ubuntu0.1 |
| upstream | released | 1:3.5.12-1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1:3.5.11-1ubuntu0.16.04.1 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
Multiple integer overflows in libXpm before 3.5.12, when a program req ...
7.5 High
CVSS2
9.8 Critical
CVSS3