Your submission was sent successfully! Close

CVE-2009-2369

Published: 8 July 2009

Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Priority

Medium

Status

Package Release Status
wxwidgets2.6
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
hardy Ignored
(reached end-of-life)
intrepid Needed
(reached end-of-life)
jaunty
Released (2.6.3.2.2-3ubuntu4.1)
karmic
Released (2.6.3.2.2-3ubuntu5)
lucid Not vulnerable
(2.6.3.2.2-3ubuntu5)
maverick Not vulnerable
(2.6.3.2.2-3ubuntu5)
natty Not vulnerable
(2.6.3.2.2-3ubuntu5)
oneiric Not vulnerable
(2.6.3.2.2-3ubuntu5)
precise Not vulnerable
(2.6.3.2.2-3ubuntu5)
upstream Needs triage

wxwidgets2.8
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(reached end-of-life)
intrepid Needed
(reached end-of-life)
jaunty Ignored
(reached end-of-life)
karmic Ignored
(reached end-of-life)
lucid Not vulnerable
(2.8.10.1-0ubuntu1)
maverick Not vulnerable
(2.8.10.1-0ubuntu1)
natty Not vulnerable
(2.8.10.1-0ubuntu1)
oneiric Not vulnerable
(2.8.10.1-0ubuntu1)
precise Not vulnerable
(2.8.10.1-0ubuntu1)
upstream
Released (2.8.7.1-2)