[Bug 467981] [NEW] Integer overflow in the wxImage::Create function
Stefan Lesicnik
stefan at lsd.co.za
Sun Nov 1 06:44:30 UTC 2009
*** This bug is a security vulnerability ***
Public security bug reported:
CVE 2009-2369
Integer overflow in the wxImage::Create function in src/common/image.cpp
in wxWidgets 2.8.10 allows attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted JPEG file,
which triggers a heap-based buffer overflow. NOTE: the provenance of
this information is unknown; the details are obtained solely from third
party information.
Fixed in Karmic already.
** Affects: wxwidgets2.6 (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2369
** Visibility changed to: Public
--
Integer overflow in the wxImage::Create function
https://bugs.launchpad.net/bugs/467981
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list