CVE-2005-3178

Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
References
Link Resource
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62/SCOSA-2005.62.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.56/SCOSA-2005.56.txt
http://marc.info/?l=bugtraq&m=112862493918840&w=2
http://secunia.com/advisories/17087/ Vendor Advisory
http://secunia.com/advisories/17124
http://secunia.com/advisories/17139
http://secunia.com/advisories/17140
http://secunia.com/advisories/17143
http://secunia.com/advisories/17206
http://secunia.com/advisories/17273
http://secunia.com/advisories/17282
http://secunia.com/advisories/17369
http://secunia.com/advisories/18050
http://secunia.com/advisories/18170
http://secunia.com/advisories/18491
http://securitytracker.com/id?1015072
http://support.avaya.com/elmodocs2/security/ASA-2006-013.htm
http://www.debian.org/security/2005/dsa-858 Patch Vendor Advisory
http://www.debian.org/security/2005/dsa-859 Patch Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200510-26.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:192
http://www.novell.com/linux/security/advisories/2005_24_sr.html
http://www.redhat.com/support/errata/RHSA-2005-802.html
http://www.securityfocus.com/archive/1/433935/30/5010/threaded
http://www.securityfocus.com/bid/15051
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10590
Configurations

Configuration 1

OR cpe:2.3:a:xli:xli:*:*:*:*:*:*:*:*
cpe:2.3:a:xloadimage:xloadimage:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:01

Type Values Removed Values Added
References () ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62/SCOSA-2005.62.txt - () ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62/SCOSA-2005.62.txt -
References () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.56/SCOSA-2005.56.txt - () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.56/SCOSA-2005.56.txt -
References () http://marc.info/?l=bugtraq&m=112862493918840&w=2 - () http://marc.info/?l=bugtraq&m=112862493918840&w=2 -
References () http://secunia.com/advisories/17087/ - Vendor Advisory () http://secunia.com/advisories/17087/ - Vendor Advisory
References () http://secunia.com/advisories/17124 - () http://secunia.com/advisories/17124 -
References () http://secunia.com/advisories/17139 - () http://secunia.com/advisories/17139 -
References () http://secunia.com/advisories/17140 - () http://secunia.com/advisories/17140 -
References () http://secunia.com/advisories/17143 - () http://secunia.com/advisories/17143 -
References () http://secunia.com/advisories/17206 - () http://secunia.com/advisories/17206 -
References () http://secunia.com/advisories/17273 - () http://secunia.com/advisories/17273 -
References () http://secunia.com/advisories/17282 - () http://secunia.com/advisories/17282 -
References () http://secunia.com/advisories/17369 - () http://secunia.com/advisories/17369 -
References () http://secunia.com/advisories/18050 - () http://secunia.com/advisories/18050 -
References () http://secunia.com/advisories/18170 - () http://secunia.com/advisories/18170 -
References () http://secunia.com/advisories/18491 - () http://secunia.com/advisories/18491 -
References () http://securitytracker.com/id?1015072 - () http://securitytracker.com/id?1015072 -
References () http://support.avaya.com/elmodocs2/security/ASA-2006-013.htm - () http://support.avaya.com/elmodocs2/security/ASA-2006-013.htm -
References () http://www.debian.org/security/2005/dsa-858 - Patch, Vendor Advisory () http://www.debian.org/security/2005/dsa-858 - Patch, Vendor Advisory
References () http://www.debian.org/security/2005/dsa-859 - Patch, Vendor Advisory () http://www.debian.org/security/2005/dsa-859 - Patch, Vendor Advisory
References () http://www.gentoo.org/security/en/glsa/glsa-200510-26.xml - () http://www.gentoo.org/security/en/glsa/glsa-200510-26.xml -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:192 - () http://www.mandriva.com/security/advisories?name=MDKSA-2005:192 -
References () http://www.novell.com/linux/security/advisories/2005_24_sr.html - () http://www.novell.com/linux/security/advisories/2005_24_sr.html -
References () http://www.redhat.com/support/errata/RHSA-2005-802.html - () http://www.redhat.com/support/errata/RHSA-2005-802.html -
References () http://www.securityfocus.com/archive/1/433935/30/5010/threaded - () http://www.securityfocus.com/archive/1/433935/30/5010/threaded -
References () http://www.securityfocus.com/bid/15051 - () http://www.securityfocus.com/bid/15051 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10590 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10590 -

Information

Published : 2005-10-07 18:02

Updated : 2024-11-21 00:01


NVD link : CVE-2005-3178

Mitre link : CVE-2005-3178

CVE.ORG link : CVE-2005-3178


Products Affected

xli

  • xli

xloadimage

  • xloadimage