GLSA
Bodhisattva
Joined: 13 Jun 2003
Posts: 4087
Location: Dresden, Germany
|
 Posted: Sun Nov 07, 2004 7:23 pm Post subject: [ GLSA 200411-12 ] zgv: Multiple buffer overflows |
 |
|
Gentoo Linux Security Advisory
Title: zgv: Multiple buffer overflows (GLSA 200411-12)
Severity: normal
Exploitable: remote
Date: November 07, 2004
Updated: May 22, 2006
Bug(s): #69150
ID: 200411-12
Synopsis
zgv contains multiple buffer overflows that can potentially lead to the
execution of arbitrary code.
Background
zgv is a console image viewer based on svgalib.
Affected Packages
Package: media-gfx/zgv
Vulnerable: < 5.8
Unaffected: >= 5.8
Architectures: All supported architectures
Description
Multiple arithmetic overflows have been detected in the image
processing code of zgv.
Impact
An attacker could entice a user to open a specially-crafted image file,
potentially resulting in execution of arbitrary code with the rights of
the user running zgv.
Workaround
There is no known workaround at this time.
Resolution
All zgv users should upgrade to the latest version:
| Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/zgv-5.8" |
References
BugTraq Advisory
CVE-2004-1095
Last edited by GLSA on Sat Mar 03, 2012 4:17 am; edited 6 times in total |
|
News & Announcements
