Gentoo Linux Security Advisory 201006-2 - Multiple integer overflows in CamlImages might result in the remote execution of arbitrary code. Tielei Wang reported multiple integer overflows, possibly leading to heap-based buffer overflows in the (1) read_png_file() and read_png_file_as_rgb24() functions, when processing a PNG image (CVE-2009-2295) and (2) gifread.c and jpegread.c files when processing GIF or JPEG images (CVE-2009-2660). Versions less than 3.0.2 are affected.
1ff36330b25690b14be6cce445be259367ecdd35ac1e820015ce28c6f8e38447Debian Linux Security Advisory 1912-2 - Due to the fact that advi, an active DVI previewer and presenter, statically links against camlimages it was necessary to rebuilt it in order to incorporate the latest security fixes for camlimages, which could lead to integer overflows via specially crafted TIFF files (CVE-2009-3296) or GIFF and JPEG images (CVE-2009-2660).
ba7b34b0bb05be6dd15df8083c54a4d732ff7cd274c08c9d1f9b0cbd29a04c52Mandriva Linux Security Advisory 2009-286 - Multiple overflow vulnerabilities has been found and corrected in ocaml-camlimages. This update fixes these vulnerabilities.
7189e0949df2a4ac282108e7ae86e6dc443133046bf9269368278a08429889c9Debian Linux Security Advisory 1912-1 - It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of TIFF files. It also expands the patch for CVE-2009-2660 to cover another potential overflow in the processing of JPEG images.
31731f304b793b7ccbd25713a9ee48a24f72bafd9f3d7d422dc85aaf6032eca5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed