[Bug 467981] [NEW] Integer overflow in the wxImage::Create function

Stefan Lesicnik stefan at lsd.co.za
Sun Nov 1 06:44:30 UTC 2009


*** This bug is a security vulnerability ***

Public security bug reported:

CVE 2009-2369

Integer overflow in the wxImage::Create function in src/common/image.cpp
in wxWidgets 2.8.10 allows attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted JPEG file,
which triggers a heap-based buffer overflow. NOTE: the provenance of
this information is unknown; the details are obtained solely from third
party information.

Fixed in Karmic already.

** Affects: wxwidgets2.6 (Ubuntu)
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2369

** Visibility changed to: Public

-- 
Integer overflow in the wxImage::Create function
https://bugs.launchpad.net/bugs/467981
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs




More information about the universe-bugs mailing list