Several vulnerabilities have been discovered in zgv, an SVGAlib graphics viewer for the i386 architecture. The Common Vulnerabilities and Exposures Project identifies the following problems: CAN-2004-1095 "infamous41md" discovered multiple integer overflows in zgv. Remote exploitation of an integer overflow vulnerability could allow the execution of arbitrary code. CAN-2004-0999 Mikulas Patocka discovered that malicious multiple-image (e.g. animated) GIF images can cause a segmentation fault in zgv. For the stable distribution (woody) these problems have been fixed in version 5.5-3woody1. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your zgv package immediately.
Several vulnerabilities have been discovered in zgv, an SVGAlib graphics viewer for the i386 architecture. The Common Vulnerabilities and Exposures Project identifies the following problems:
"infamous41md" discovered multiple integer overflows in zgv. Remote exploitation of an integer overflow vulnerability could allow the execution of arbitrary code.
Mikulas Patocka discovered that malicious multiple-image (e.g. animated) GIF images can cause a segmentation fault in zgv.
For the stable distribution (woody) these problems have been fixed in version 5.5-3woody1.
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you upgrade your zgv package immediately.
MD5 checksums of the listed files are available in the original advisory.