CVE-2009-2688
Publication date 5 August 2009
Last updated 24 July 2024
Ubuntu priority
Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Status
Package | Ubuntu Release | Status |
---|---|---|
xemacs21 | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Not affected
|
|
10.04 LTS lucid | Ignored end of life | |
9.10 karmic | Ignored end of life | |
9.04 jaunty | Ignored end of life | |
8.10 intrepid | Ignored end of life, was needs-triage | |
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life |