This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
8c1da77d-d3e9-11d9-8ffb-00061bc2ad93 | xloadimage -- buffer overflow in FACES image handling In 2001, zen-parse discovered a buffer overflow in xloadimage's FACES image loader. A maliciously crafted image could cause xloadimage to execute arbitrary code. A published exploit exists for this vulnerability. In 2005, Rob Holland discovered that the same vulnerability was present in xli. Discovery 2000-02-19 Entry 2005-06-03 xli le 1.17.0_1 xloadimage < 4.1.9 CVE-2001-0775 http://marc.theaimsgroup.com/?l=bugtraq&m=99477230306845 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=46186 http://bugs.gentoo.org/show_bug.cgi?id=79762 |
bfbbd505-3bd6-409c-8c67-445d3635cf4b | xli -- integer overflows in image size calculations Tavis Ormandy discovered several integer overflows in xli's image size handling. A maliciously crafted image may be able to cause a heap buffer overflow and execute arbitrary code. Discovery 2005-02-08 Entry 2005-06-03 xli le 1.17.0_1 CVE-2005-0639 http://bugs.gentoo.org/show_bug.cgi?id=79762 http://pantransit.reptiles.org/prog/xli/CHANGES |
2f0cb4bb-416d-11da-99fe-000854d03344 | xloadimage -- buffer overflows in NIFF image title handling Ariel Berkman reports:
Discovery 2005-10-05 Entry 2005-10-20 Modified 2005-10-23 xloadimage < 4.1.15 xli < 1.17.0_4 15051 CVE-2005-3178 http://marc.theaimsgroup.com/?l=bugtraq&m=112862493918840&w=2 |
310d0087-0fde-4929-a41f-96f17c5adffe | xloadimage -- arbitrary command execution when handling compressed files Tavis Ormandy discovered that xli and xloadimage attempt to
decompress images by piping them through Discovery 2005-02-18 Entry 2005-06-03 xli le 1.17.0_1 xloadimage le 4.1.10 CVE-2005-0638 http://bugs.gentoo.org/show_bug.cgi?id=79762 |