Computer Security

CVE-2009-2660
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2009-2660
StatusCandidate
DescriptionMultiple integer overflows in CamlImages 2.2 might allow context-dependent attackers to execute arbitrary code via images containing large width and height values that trigger a heap-based buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) crafted JPEG files (jpegread.c), a different vulnerability than CVE-2009-2295.
SeverityMedium
CVSS score6,8
CVSS vector(AV:N/AC:M/Au:N/C:P/I:P/A:P)
PhaseAssigned (22.10.2009)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2660
ReferencesCONFIRM : https://bugs.gentoo.org/attachment.cgi?id=199108
 CONFIRM : https://bugs.gentoo.org/show_bug.cgi?id=276235
 MLIST : [oss-security] 20090725 camlimages: Integer overflows in GIF and JPEG readers
SecurityVulns:CamlImages library integer overflows
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server