FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a813a219-d2d4-11da-a672-000e0c2e438a	zgv, xzgv -- heap overflow vulnerability Gentoo reports: Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer. An attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image. Discovery 2006-04-21 Entry 2006-04-23 Modified 2010-03-22 zgv < 5.9_1 xzgv < 0.9 17409 CVE-2006-1060 http://www.gentoo.org/security/en/glsa/glsa-200604-10.xml

VuXML ID

Description

a813a219-d2d4-11da-a672-000e0c2e438a

zgv, xzgv -- heap overflow vulnerability

Gentoo reports:

Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer.

An attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image.

Discovery 2006-04-21
Entry 2006-04-23
Modified 2010-03-22
zgv

< 5.9_1

xzgv

< 0.9

17409
CVE-2006-1060
http://www.gentoo.org/security/en/glsa/glsa-200604-10.xml