1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
PublicDate: 2005-01-10
Candidate: CVE-2004-0994
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0994
Description:
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers
to execute arbitrary code via images with large width and height values,
which trigger a heap-based buffer overflow, as demonstrated in the
read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095
identify sets of bugs that only partially overlap, despite having the same
developer. Therefore, they should be regarded as distinct.
Ubuntu-Description:
Notes:
Bugs:
dapper_xzgv: released (0.8-5)
edgy_xzgv: released (0.8-5)
feisty_xzgv: released (0.8-5)
devel_xzgv: released (0.8-5)
upstream_xzgv:
|