Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/55656 - | |
References | () http://secunia.com/advisories/35647 - | |
References | () http://www.ocert.org/advisories/ocert-2009-008.html - | |
References | () http://www.securityfocus.com/archive/1/504727/100/0/threaded - |
Information
Published : 2009-07-05 16:30
Updated : 2024-11-21 01:04
NVD link : CVE-2009-2294
Mitre link : CVE-2009-2294
CVE.ORG link : CVE-2009-2294
JSON object : View
Products Affected
dillo
- dillo
CWE
CWE-189
Numeric Errors