Jun Furuse : Security Vulnerabilities, CVEs,
Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function.
Max CVSS
7.5
EPSS Score
0.88%
Published
2009-07-05
Updated
2018-10-10
Multiple integer overflows in CamlImages 2.2 might allow context-dependent attackers to execute arbitrary code via images containing large width and height values that trigger a heap-based buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) crafted JPEG files (jpegread.c), a different vulnerability than CVE-2009-2295.
Max CVSS
6.8
EPSS Score
0.47%
Published
2009-08-04
Updated
2017-08-17
2 vulnerabilities found