Secunia Research has discovered two vulnerabilities in Ziproxy, which can be exploited by malicious people to compromise a vulnerable system. An integer overflow within the "jpg2bitmap()" function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted JPG images. An integer overflow within the "png2bitmap()" function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images. Ziproxy version 3.0.0 is affected.
851e9952130f099d0edcb8f4fe028a7bca82ee0b035f4ac62192137852301972