zgv, xzgv -- heap overflow vulnerability

ID A813A219-D2D4-11DA-A672-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2010-03-22T00:00:00


Gentoo reports:

Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer. An attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image.