Multiple integer overflows in xzgv 0.8 and previous versions allow remote malicious users to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zgv zgv image viewer 5.8 |
||
zgv zgv image viewer 5.6 |
||
zgv zgv image viewer 5.7 |
||
zgv xzgv image viewer 0.8 |
||
zgv zgv image viewer 5.5 |
||
zgv xzgv image viewer 0.6 |
||
zgv xzgv image viewer 0.7 |
||
debian debian linux 3.0 |