|
|
CVE Reference: CVE-2004-0994 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0994 |
|
|
Description: Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/18454 IDEFENSE http://marc.theaimsgroup.com/?l=bugtraq&m=110297198402077&w=2 DEBIAN http://www.debian.org/security/2004/dsa-614 CONFIRM http://rus.members.beeb.net/xzgv-0.8-integer-overflow-fix.diff |
|
| Return to the previous page. |
