ID CVE-2006-1060 Type cve Reporter NVD Modified 2017-07-19T21:30:16
Description
Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.
{"id": "CVE-2006-1060", "bulletinFamily": "NVD", "title": "CVE-2006-1060", "description": "Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.", "published": "2006-04-11T06:02:00", "modified": "2017-07-19T21:30:16", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1060", "reporter": "NVD", "references": ["http://www.securityfocus.com/bid/17409", "http://www.debian.org/security/2006/dsa-1038", "http://www.novell.com/linux/security/advisories/2006_08_sr.html", "http://www.vupen.com/english/advisories/2006/1288", "https://exchange.xforce.ibmcloud.com/vulnerabilities/25718", "http://www.debian.org/security/2006/dsa-1037", "http://securityreason.com/securityalert/756"], "cvelist": ["CVE-2006-1060"], "type": "cve", "lastseen": "2017-07-20T10:49:08", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:xzgv:xzgv:0.8"], "cvelist": ["CVE-2006-1060"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.", "edition": 1, "enchantments": {}, "hash": "90990634b86a8826ae24a3a2bf984e087ab05b4e76c887fd83954496b68699fe", "hashmap": [{"hash": "dabb43f109aea0e1e55592e03c309e60", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "0a953ea92e823720fedc71329faa235d", "key": "modified"}, {"hash": "12eb6beb6b1086d5396306e1abe70bc4", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8ed5def7d92de15b07ae1832e75d8fb4", "key": "description"}, {"hash": "55b9b546a39a2c9af62d6148490b484a", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "cab5905d814ad7448306b2854d5cdf74", "key": "title"}, {"hash": "5fd30fa1c23aa9b576a35dd1fde5f62c", "key": "references"}, {"hash": "1ab7a5d3d51f88238c3a9bfbea173c05", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1060", "id": "CVE-2006-1060", "lastseen": "2016-09-03T06:35:17", "modified": "2011-10-17T00:00:00", "objectVersion": "1.2", "published": "2006-04-11T06:02:00", "references": ["http://www.securityfocus.com/bid/17409", "http://xforce.iss.net/xforce/xfdb/25718", "http://www.debian.org/security/2006/dsa-1038", "http://www.novell.com/linux/security/advisories/2006_08_sr.html", "http://www.vupen.com/english/advisories/2006/1288", "http://www.debian.org/security/2006/dsa-1037", "http://securityreason.com/securityalert/756"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-1060", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T06:35:17"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "1ab7a5d3d51f88238c3a9bfbea173c05"}, {"key": "cvelist", "hash": "12eb6beb6b1086d5396306e1abe70bc4"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "8ed5def7d92de15b07ae1832e75d8fb4"}, {"key": "href", "hash": "dabb43f109aea0e1e55592e03c309e60"}, {"key": "modified", "hash": "a87b29f8ac9c6ac88b10948293c67cd1"}, {"key": "published", "hash": "55b9b546a39a2c9af62d6148490b484a"}, {"key": "references", "hash": "b74994fa300b38bb0279db214a115f64"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "cab5905d814ad7448306b2854d5cdf74"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3c874566493f8a1178466353569c16b5c64a9ef4bede98aaa1792fb146f2c5c2", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:xzgv:xzgv:0.8"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"result": {"freebsd": [{"id": "A813A219-D2D4-11DA-A672-000E0C2E438A", "type": "freebsd", "title": "zgv, xzgv -- heap overflow vulnerability", "description": "\nGentoo reports:\n\nAndrea Barisani of Gentoo Linux discovered xzgv and zgv\n\t allocate insufficient memory when rendering images with\n\t more than 3 output components, such as images using the\n\t YCCK or CMYK colour space.\tWhen xzgv or zgv attempt to\n\t render the image, data from the image overruns a heap\n\t allocated buffer.\nAn attacker may be able to construct a malicious image that\n\t executes arbitrary code with the permissions of the xzgv or\n\t zgv user when attempting to render the image.\n\n", "published": "2006-04-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/a813a219-d2d4-11da-a672-000e0c2e438a.html", "cvelist": ["CVE-2006-1060"], "lastseen": "2016-09-26T17:25:07"}], "nessus": [{"id": "FREEBSD_PKG_A813A219D2D411DAA672000E0C2E438A.NASL", "type": "nessus", "title": "FreeBSD : zgv, xzgv -- heap overflow vulnerability (a813a219-d2d4-11da-a672-000e0c2e438a)", "description": "Gentoo reports :\n\nAndrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer.\n\nAn attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image.", "published": "2006-10-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22518", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-10-29T13:33:11"}, {"id": "GENTOO_GLSA-200604-10.NASL", "type": "nessus", "title": "GLSA-200604-10 : zgv, xzgv: Heap overflow", "description": "The remote host is affected by the vulnerability described in GLSA-200604-10 (zgv, xzgv: Heap overflow)\n\n Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer.\n Impact :\n\n An attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image.\n Workaround :\n\n There is no known workaround at this time.", "published": "2006-04-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21256", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-10-29T13:38:01"}, {"id": "DEBIAN_DSA-1038.NASL", "type": "nessus", "title": "Debian DSA-1038-1 : xzgv - programming error", "description": "Andrea Barisani discovered that xzgv, a picture viewer for X with a thumbnail-based selector, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.", "published": "2006-10-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22580", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-10-29T13:46:06"}, {"id": "DEBIAN_DSA-1037.NASL", "type": "nessus", "title": "Debian DSA-1037-1 : zgv - programming error", "description": "Andrea Barisani discovered that zgv, an svgalib graphics viewer, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.", "published": "2006-10-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22579", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-10-29T13:38:08"}], "openvas": [{"id": "OPENVAS:56627", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200604-10 (xzgv)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200604-10.", "published": "2008-09-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56627", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-07-24T12:49:46"}, {"id": "OPENVAS:56654", "type": "openvas", "title": "FreeBSD Ports: zgv", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56654", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-07-02T21:10:08"}, {"id": "OPENVAS:56625", "type": "openvas", "title": "Debian Security Advisory DSA 1037-1 (zgv)", "description": "The remote host is missing an update to zgv\nannounced via advisory DSA 1037-1.\n\nAndrea Barisani discovered that zgv, an svgalib graphics viewer,\nattempts to decode JPEG images within the CMYK/YCCK colour space\nincorrectly, which could lead to the execution of arbitrary code.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 5.5-3woody3.", "published": "2008-01-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56625", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-07-24T12:50:25"}, {"id": "OPENVAS:56659", "type": "openvas", "title": "Debian Security Advisory DSA 1038-1 (xzgv)", "description": "The remote host is missing an update to xzgv\nannounced via advisory DSA 1038-1.\n\nAndrea Barisani discovered that xzgv, a picture viewer for X with a\nthumbnail-based selector, attempts to decode JPEG images within the\nCMYK/YCCK colour space incorrectly, which could lead to the execution\nof arbitrary code.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.7-6woody3.", "published": "2008-01-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=56659", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-07-24T12:50:03"}], "osvdb": [{"id": "OSVDB:24513", "type": "osvdb", "title": "zgv / xzgv JPEG CMYK/YCCK color space Image Parsing Overflow", "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2006_08_sr.html)\n[Secunia Advisory ID:19572](https://secuniaresearch.flexerasoftware.com/advisories/19572/)\n[Secunia Advisory ID:19571](https://secuniaresearch.flexerasoftware.com/advisories/19571/)\n[Secunia Advisory ID:19731](https://secuniaresearch.flexerasoftware.com/advisories/19731/)\n[Secunia Advisory ID:19779](https://secuniaresearch.flexerasoftware.com/advisories/19779/)\n[Secunia Advisory ID:19790](https://secuniaresearch.flexerasoftware.com/advisories/19790/)\n[Secunia Advisory ID:19757](https://secuniaresearch.flexerasoftware.com/advisories/19757/)\nOther Advisory URL: http://www.debian.org/security/2006/dsa-1038\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1037\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200604-10.xml\nFrSIRT Advisory: ADV-2006-1288\n[CVE-2006-1060](https://vulners.com/cve/CVE-2006-1060)\nBugtraq ID: 17409\n", "published": "2006-04-07T06:17:38", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:24513", "cvelist": ["CVE-2006-1060"], "lastseen": "2017-04-28T13:20:21"}], "debian": [{"id": "DSA-1037", "type": "debian", "title": "zgv -- programming error", "description": "Andrea Barisani discovered that zgv, an svgalib graphics viewer, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.\n\nFor the old stable distribution (woody) this problem has been fixed in version 5.5-3woody3.\n\nFor the stable distribution (sarge) this problem has been fixed in version 5.7-1.4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your zgv package.", "published": "2006-04-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1037", "cvelist": ["CVE-2006-1060"], "lastseen": "2016-09-02T18:20:30"}, {"id": "DSA-1038", "type": "debian", "title": "xzgv -- programming error", "description": "Andrea Barisani discovered that xzgv, a picture viewer for X with a thumbnail-based selector, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code.\n\nFor the old stable distribution (woody) this problem has been fixed in version 0.7-6woody3.\n\nFor the stable distribution (sarge) this problem has been fixed in version 0.8-3sarge1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your xzgv package.", "published": "2006-04-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1038", "cvelist": ["CVE-2006-1060"], "lastseen": "2016-09-02T18:27:21"}], "gentoo": [{"id": "GLSA-200604-10", "type": "gentoo", "title": "zgv, xzgv: Heap overflow", "description": "### Background\n\nxzgv and zgv are picture viewing utilities with a thumbnail based file selector. \n\n### Description\n\nAndrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer. \n\n### Impact\n\nAn attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll xzgv users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/xzgv-0.8-r2\"\n\nAll zgv users should also upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/zgv-5.9\"", "published": "2006-04-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200604-10", "cvelist": ["CVE-2006-1060"], "lastseen": "2016-09-06T19:46:36"}]}}