FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-18 19:03:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a4bd3039-9a48-11d9-a256-0001020eed82	xv -- filename handling format string vulnerability A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the handling of image filenames by xv. Successful exploitation would require a victim to process a specially crafted image with a malformed filename, potentially resulting in the execution of arbitrary code. Discovery 2005-03-01 Entry 2005-03-21 xv ja-xv < 3.10a_5 CVE-2005-0665 http://www.gentoo.org/security/en/glsa/glsa-200503-09.xml
fffacc93-16cb-11d9-bc4a-000c41e2cdad	xv -- exploitable buffer overflows In a Bugtraq posting, infamous41md(at)hotpop.com reported: there are at least 5 exploitable buffer and heap overflows in the image handling code. this allows someone to craft a malicious image, trick a user into viewing the file in xv, and upon viewing that image execute arbitrary code under privileges of the user viewing image. note the AT LEAST part of the above sentence. there is such a plethora of bad code that I just stopped reading after a while. there are at least 100 calls to sprintf() and strcpy() with no regards for bounds of buffers. 95% of these deal with program arguments or filenames, so they are of no interest to exploit. however I just got sick of reading this code after not too long. so im sure there are still other overflows in the image handling code for other image types. The posting also included an exploit. Discovery 2004-08-20 Entry 2004-10-05 Modified 2004-10-12 xv xv-m17n < 3.10a_4 http://marc.theaimsgroup.com/?l=bugtraq&m=109302498125092

VuXML ID

Description

a4bd3039-9a48-11d9-a256-0001020eed82

xv -- filename handling format string vulnerability

A Gentoo Linux Security Advisory reports:

Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the handling of image filenames by xv.

Successful exploitation would require a victim to process a specially crafted image with a malformed filename, potentially resulting in the execution of arbitrary code.

Discovery 2005-03-01
Entry 2005-03-21
xv
ja-xv

< 3.10a_5

CVE-2005-0665
http://www.gentoo.org/security/en/glsa/glsa-200503-09.xml

fffacc93-16cb-11d9-bc4a-000c41e2cdad

xv -- exploitable buffer overflows

In a Bugtraq posting, infamous41md(at)hotpop.com reported:

there are at least 5 exploitable buffer and heap overflows in the image handling code. this allows someone to craft a malicious image, trick a user into viewing the file in xv, and upon viewing that image execute arbitrary code under privileges of the user viewing image. note the AT LEAST part of the above sentence. there is such a plethora of bad code that I just stopped reading after a while. there are at least 100 calls to sprintf() and strcpy() with no regards for bounds of buffers. 95% of these deal with program arguments or filenames, so they are of no interest to exploit. however I just got sick of reading this code after not too long. so im sure there are still other overflows in the image handling code for other image types.

The posting also included an exploit.

Discovery 2004-08-20
Entry 2004-10-05
Modified 2004-10-12
xv
xv-m17n

< 3.10a_4

http://marc.theaimsgroup.com/?l=bugtraq&m=109302498125092