diff options
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 758ce0bb7d29..ebf2fab4b811 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,39 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="632c98be-aad2-4af2-849f-41a6862afd6a"> + <topic>p5-Imager - possibly exploitable buffer overflow</topic> + <affects> + <package> + <name>p5-Imager</name> + <range><lt>0.57</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description</h1> + <p>Imager 0.56 and all earlier versions with BMP support have + security issue when reading compressed 8-bit per pixel BMP + files where either a compressed run of data or a literal run + of data overflows the scan-line.</p> + <p>Such an overflow causes a buffer overflow in a malloc() + allocated memory buffer, possibly corrupting the memory arena + headers.</p> + <p>The effect depends on your system memory allocator, with glibc + this typically results in an abort, but with other memory + allocators it may be possible to cause local code execution.</p> + </body> + </description> + <references> + <url>https://rt.cpan.org/Public/Bug/Display.html?id=26811</url> + <url>http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html</url> + </references> + <dates> + <discovery>2007-04-04</discovery> + <entry>2007-04-30</entry> + </dates> + </vuln> + <vuln vid="275b845e-f56c-11db-8163-000e0c2e438a"> <topic>FreeBSD -- IPv6 Routing Header 0 is dangerous</topic> <affects> |