[SECURITY] [DSA 1038-1] New xzgv packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1038-1 [email protected] http://www.debian.org/security/ Martin Schulze April 22nd, 2006 http://www.debian.org/security/faq -...

zgv, xzgv: Heap overflow

Background xzgv and zgv are picture viewing utilities with a thumbnail based file selector. Description Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space...

Heap overflow

Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required...

DEBIAN-CVE-2006-1060

Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required...

CVE-2006-1060

Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required...