Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c.

NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Xzgv_image_viewer | Zgv | 0.6 (including) | 0.6 (including) |
Xzgv_image_viewer | Zgv | 0.7 (including) | 0.7 (including) |
Xzgv_image_viewer | Zgv | 0.8 (including) | 0.8 (including) |
Zgv_image_viewer | Zgv | 5.5 (including) | 5.5 (including) |
Zgv_image_viewer | Zgv | 5.6 (including) | 5.6 (including) |
Zgv_image_viewer | Zgv | 5.7 (including) | 5.7 (including) |
Zgv_image_viewer | Zgv | 5.8 (including) | 5.8 (including) |
Xzgv | Ubuntu | dapper | * |
Xzgv | Ubuntu | devel | * |
Xzgv | Ubuntu | edgy | * |
Xzgv | Ubuntu | feisty | * |
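
The bug class in the description, as an added example that is not xzgv's code: a buffer size computed from header-supplied width and height wraps in 32-bit arithmetic, so the allocation is far smaller than the pixel data later written into it. The function names, the `bpp` limit and the 256 MiB cap are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy cap on a decoded image; not taken from xzgv. */
#define MAX_IMAGE_BYTES ((uint64_t)256 << 20)

/* Flawed pattern: the product is truncated to 32 bits. Unsigned types are
 * used here so the wrap is well defined; with plain int it is undefined
 * behaviour, which in practice also yields a too-small size. */
uint32_t wrapped_size(uint32_t w, uint32_t h, uint32_t bpp)
{
    return w * h * bpp;
}

/* Hardened pattern: validate dimensions, compute in 64 bits, and bound the
 * result before it ever reaches malloc(). Returns 0 on success, -1 on reject. */
int checked_size(uint32_t w, uint32_t h, uint32_t bpp, size_t *out)
{
    if (w == 0 || h == 0 || bpp == 0 || bpp > 4)
        return -1;
    uint64_t pixels = (uint64_t)w * h;   /* two 32-bit values cannot overflow 64 bits */
    if (pixels > MAX_IMAGE_BYTES / bpp)  /* division avoids a second overflow */
        return -1;
    *out = (size_t)(pixels * bpp);
    return 0;
}

int main(void)
{
    /* Constructed header values: 65536 x 65537 pixels, 3 bytes per pixel. */
    uint32_t w = 65536u, h = 65537u, bpp = 3u;
    size_t n = 0;

    printf("true size    : %llu bytes\n",
           (unsigned long long)((uint64_t)w * h * bpp));
    printf("wrapped size : %u bytes (what the flawed code would allocate)\n",
           (unsigned)wrapped_size(w, h, bpp));
    printf("checked_size : %s\n",
           checked_size(w, h, bpp, &n) == 0 ? "accepted" : "rejected");
    return 0;
}
```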