FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-24 11:27:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
20e23b65-a52e-11e3-ae3a-00224d7c32a2xmms -- Integer Overflow And Underflow Vulnerabilities

Secunia reports:

Secunia Research has discovered two vulnerabilities in XMMS, which can be exploited by malicious people to compromise a user's system.

1) An integer underflow error exists in the processing of skin bitmap images. This can be exploited to cause a stack-based buffer overflow via specially crafted skin images containing manipulated header information.

Successful exploitation allows execution of arbitrary code.

2) An integer overflow error exists in the processing of skin bitmap images. This can be exploited to cause memory corruption via specially crafted skin images containing manipulated header information.

Successful exploitation may allow the execution of arbitrary code.


Discovery 2007-02-06
Entry 2014-03-06
xmms
<= 1.2.11_20

CVE-2007-0653
CVE-2007-0654