CVE Reference: CVE-2010-1513

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-1513

Description:
Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 allow remote attackers to execute arbitrary code via (1) a large JPG image, related to the jpg2bitmap function or (2) a large PNG image, related to the png2bitmap function, leading to heap-based buffer overflows.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA39941

MISC
  http://secunia.com/secunia_research/2010-75/

CONFIRM
  http://ziproxy.sourceforge.net/#news

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/511424/100/0/threaded


Return to the previous page.