Bug 324021 - net-proxy/ziproxy Multiple integer overflows in src/image.c (CVE-2010-1513)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High trivial
Assignee: Gentoo Security
URL: http://ziproxy.sourceforge.net/#news
Whiteboard: ~1 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-06-14 21:44 UTC by Matthias Geerdsen (RETIRED)
Modified: 2010-06-15 20:13 UTC
Description Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-14 21:44:45 UTC
CVE-2010-1513 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1513):
  Multiple integer overflows in src/image.c in Ziproxy before 3.0.1
  allow remote attackers to execute arbitrary code via (1) a large JPG
  image, related to the jpg2bitmap function or (2) a large PNG image,
  related to the png2bitmap function, leading to heap-based buffer
  overflows.
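
The bug class named in the description, as an added example that is not Ziproxy's code and is not taken from the report: an image buffer size computed in 32 bits wraps for large dimensions, so the allocation is smaller than the decoded data, and a checked computation rejects those dimensions instead. The function names, the width × height × bytes-per-pixel expression and the 256 MiB cap are assumptions for illustration; the report does not say which expression in src/image.c overflows.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical cap on decoded bitmap size; not a Ziproxy setting. */
#define MAX_BITMAP_BYTES ((size_t)256 * 1024 * 1024)

/* Unchecked pattern: the product is computed in 32 bits and wraps modulo
 * 2^32, so the result can be far smaller than what a decoder will write. */
uint32_t bitmap_size_unchecked(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked pattern: returns 0 and stores the exact byte count in *out, or
 * returns -1 if a dimension is zero, the product does not fit in size_t,
 * or the total exceeds the cap. */
int bitmap_size_checked(uint32_t width, uint32_t height, uint32_t bpp,
                        size_t *out)
{
    size_t row, total;

    if (width == 0 || height == 0 || bpp == 0)
        return -1;
    if ((size_t)width > SIZE_MAX / bpp)        /* width * bpp would wrap */
        return -1;
    row = (size_t)width * bpp;
    if ((size_t)height > SIZE_MAX / row)       /* row * height would wrap */
        return -1;
    total = row * height;
    if (total > MAX_BITMAP_BYTES)
        return -1;
    *out = total;
    return 0;
}

/* Allocate a bitmap only when the size computation is known to be exact. */
unsigned char *bitmap_alloc(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t n;

    if (bitmap_size_checked(width, height, bpp, &n) != 0)
        return NULL;
    return malloc(n);
}
```
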
Comment 1 Samuli Suominen (RETIRED) gentoo-dev 2010-06-15 15:10:01 UTC
+*ziproxy-3.1.1 (15 Jun 2010)
+
+  15 Jun 2010; Samuli Suominen <ssuominen@gentoo.org> +ziproxy-3.1.1.ebuild:
+  Version bump wrt #324021.
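Review bot: The "Version bump wrt #324021." line gives only a bug number, so the ChangeLog alone does not show that this bump is a security fix. Consider naming CVE-2010-1513 or marking the entry as a security bump, so that users reading the log can tell why 3.1.1 was added without opening the bug.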
Comment 2 Matthias Geerdsen (RETIRED) gentoo-dev 2010-06-15 20:13:29 UTC
closing without GLSA, since ziproxy is not marked stable

thanks Samuli for the quick fix