CVE-2009-2295

Publication date 5 July 2009

Last updated 24 July 2024

Description

Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
advi	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	9.10 karmic	Fixed 1.6.0-14ubuntu0.1
	9.04 jaunty	Fixed 1.6.0-13+lenny2build0.9.04.1
	8.10 intrepid	Ignored end of life, was needs-triage
	8.04 LTS hardy	Fixed 1.6.0-13ubuntu0.1
	6.06 LTS dapper	Ignored end of life
camlimages	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	9.04 jaunty	Fixed 1:2.2.0-4+lenny2build0.9.04.1
	8.10 intrepid	Fixed 1:2.2.0-3ubuntu0.1
	8.04 LTS hardy	Fixed 1:2.2.0-2ubuntu2.1
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2009-2295

CVE-2009-2295

Description

Status

References

Other references

Access our resources on patching vulnerabilities