Your submission was sent successfully! Close

CVE-2009-2660

Published: 04 August 2009

Multiple integer overflows in CamlImages 2.2 might allow context-dependent attackers to execute arbitrary code via images containing large width and height values that trigger a heap-based buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) crafted JPEG files (jpegread.c), a different vulnerability than CVE-2009-2295.

Priority

Medium

Status

Package Release Status
camlimages
Launchpad, Ubuntu, Debian
Upstream
Released (1:3.0.1-3)