FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
These are the vulnerabilities relating to the commit you have selected:
a4bd3039-9a48-11d9-a256-0001020eed82: xv -- filename handling format string vulnerability
A Gentoo Linux Security Advisory reports:
Tavis Ormandy of the Gentoo Linux Security Audit Team
identified a flaw in the handling of image filenames by xv.
Successful exploitation would require a victim to process
a specially crafted image with a malformed filename,
potentially resulting in the execution of arbitrary code.
fffacc93-16cb-11d9-bc4a-000c41e2cdad: xv -- exploitable buffer overflows
In a Bugtraq posting, infamous41md(at)hotpop.com reported:
there are at least 5 exploitable buffer and heap
overflows in the image handling code. this allows someone
to craft a malicious image, trick a user into viewing the
file in xv, and upon viewing that image execute arbitrary
code under privileges of the user viewing image. note
the AT LEAST part of the above sentence. there is such a
plethora of bad code that I just stopped reading after
a while. there are at least 100 calls to sprintf() and
strcpy() with no regards for bounds of buffers. 95% of
these deal with program arguments or filenames, so they
are of no interest to exploit. however I just got sick of
reading this code after not too long. so I'm sure there are
still other overflows in the image handling code for other
The posting also included an exploit.