2 matches found
CVE-2010-1513
Ziproxy contains a vulnerability in src/image.c up to version 3.0.1 where integer overflows on processing unusually large JPG/PNG images lead to heap-based buffer overflows and remote arbitrary code execution. The issue affects Ziproxy before 3.0.1; remediation is to upgrade to 3.0.1 or newer (pe...
CVE-2010-2350
CVE-2010-2350 describes a heap-based buffer overflow in the PNG decoder of Ziproxy 3.1.0. The vulnerability allows remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via a crafted PNG file. Affected software: Ziproxy’s PNG image processing. Root cause: ov...