Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 allow remote attackers to execute arbitrary code via (1) a large JPG image, related to the jpg2bitmap function or (2) a large PNG image, related to the png2bitmap function, leading to heap-based buffer overflows.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ziproxy | Daniel_mealha_cabrita | * | 3.0.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.1 (including) | 1.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.2 (including) | 1.2 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.2-b (including) | 1.2-b (including) |
Ziproxy | Daniel_mealha_cabrita | 1.3 (including) | 1.3 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.3-b (including) | 1.3-b (including) |
Ziproxy | Daniel_mealha_cabrita | 1.3-beta (including) | 1.3-beta (including) |
Ziproxy | Daniel_mealha_cabrita | 1.3-c (including) | 1.3-c (including) |
Ziproxy | Daniel_mealha_cabrita | 1.3-d (including) | 1.3-d (including) |
Ziproxy | Daniel_mealha_cabrita | 1.4.0 (including) | 1.4.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.5.0 (including) | 1.5.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.5.1 (including) | 1.5.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.5.2 (including) | 1.5.2 (including) |
Ziproxy | Daniel_mealha_cabrita | 1.9.0 (including) | 1.9.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.0.0 (including) | 2.0.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.1.0 (including) | 2.1.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.1.1 (including) | 2.1.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.2.0 (including) | 2.2.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.2.1 (including) | 2.2.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.2.2 (including) | 2.2.2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.3.0 (including) | 2.3.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.3.5-beta (including) | 2.3.5-beta (including) |
Ziproxy | Daniel_mealha_cabrita | 2.4.0 (including) | 2.4.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.4.1 (including) | 2.4.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.4.2 (including) | 2.4.2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.4.3 (including) | 2.4.3 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.4.8-beta (including) | 2.4.8-beta (including) |
Ziproxy | Daniel_mealha_cabrita | 2.4.8-beta2 (including) | 2.4.8-beta2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.5.0 (including) | 2.5.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.5.1 (including) | 2.5.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.5.2 (including) | 2.5.2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.5.9-beta (including) | 2.5.9-beta (including) |
Ziproxy | Daniel_mealha_cabrita | 2.6.0 (including) | 2.6.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.6.9-beta (including) | 2.6.9-beta (including) |
Ziproxy | Daniel_mealha_cabrita | 2.6.9-beta2 (including) | 2.6.9-beta2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.7.0 (including) | 2.7.0 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.7.1 (including) | 2.7.1 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.7.2 (including) | 2.7.2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.7.9-beta (including) | 2.7.9-beta (including) |
Ziproxy | Daniel_mealha_cabrita | 2.7.9-beta2 (including) | 2.7.9-beta2 (including) |
Ziproxy | Daniel_mealha_cabrita | 2.7.9-beta3 (including) | 2.7.9-beta3 (including) |
Ziproxy | Daniel_mealha_cabrita | 3.0.1 (including) | 3.0.1 (including) |
Ziproxy | Ubuntu | jaunty | * |
Ziproxy | Ubuntu | karmic | * |
Ziproxy | Ubuntu | lucid | * |
Ziproxy | Ubuntu | maverick | * |
Ziproxy | Ubuntu | upstream | * |