Your submission was sent successfully! Close

CVE-2006-1060

Published: 11 April 2006

Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.

Priority

Unknown

Status

Package Release Status
xzgv
Launchpad, Ubuntu, Debian
Upstream Needs triage

zgv
Launchpad, Ubuntu, Debian
Upstream Needs triage