Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote malicious users to execute arbitrary code via a crafted chbg scenario file.
Danny Lungstrom discovered a vulnerability in chbg, a tool to change
background pictures A maliciously crafted configuration/scenario
file could overflow a buffer and lead to the execution of arbitrary
code on the victim's machine
For the stable distribution (woody) this problem has been fixed in
version 15-1woody1
For the unstable distribution ...
source: wwwsecurityfocuscom/bid/11957/info
ChBg is reported prone to a remote buffer overflow vulnerability This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive process buffers It is reported that this issue can allow an attacker to gain superuser privilege ...