zgv XPM Image Processing Overflow

2004-10-25T20:07:17
ID OSVDB:11213
Type osvdb
Reporter infamous41md(infamous41md@hotpop.com)
Modified 2004-10-25T20:07:17

Description

Vulnerability Description

A remote overflow exists in zgv. zgv fails to perform boundary checking of user-supplied data from XPM image headers in readxpm.c, resulting in a heap overflow. With a specially crafted XPM file, an attacker can cause remote code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Russel Marks has released a patch to address this vulnerability.

Short Description

A remote overflow exists in zgv. zgv fails to perform boundary checking of user-supplied data from XPM image headers in readxpm.c, resulting in a heap overflow. With a specially crafted XPM file, an attacker can cause remote code execution resulting in a loss of integrity.

References:

Vendor URL: http://www.svgalib.org/rus/zgv/ Vendor Specific Solution URL: http://www.svgalib.org/rus/zgv/zgv-5.8-integer-overflow-fix.diff Vendor Specific Advisory URL Security Tracker: 1011951 Secunia Advisory ID:13461 Secunia Advisory ID:12998 Secunia Advisory ID:13107 Related OSVDB ID: 11205 Related OSVDB ID: 11208 Related OSVDB ID: 11207 Related OSVDB ID: 11211 Related OSVDB ID: 11212 Related OSVDB ID: 11206 Related OSVDB ID: 11209 Related OSVDB ID: 11210 Other Advisory URL: http://www.debian.org/security/2004/dsa-608 Other Advisory URL: http://security.gentoo.org/glsa/glsa-200411-12.xml Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0283.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-10/0308.html ISS X-Force ID: 17871 CVE-2004-1095 Bugtraq ID: 11556