Secunia
Login
|
|
CVE Reference: CVE-2009-2688 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-2688 |
|
|
Description: Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/51334 http://xforce.iss.net/xforce/xfdb/51333 http://xforce.iss.net/xforce/xfdb/51332 SAID Secunia Advisory: SA35348 OSVDB 55298 MISC http://tracker.xemacs.org/XEmacs/its/issue534 CONFIRM BID 35473 |
|
| Return to the previous page. |
