Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2009-2295 ocaml-camlimages: PNG reader multiple integer overflows (oCERT-2009-009) Alias: CVE-2009-2295 https://bugzilla.redhat.com/show_bug.cgi?id=509531 Summary: CVE-2009-2295 ocaml-camlimages: PNG reader multiple integer overflows (oCERT-2009-009) Product: Security Response Version: unspecified Platform: All OS/Version: Linux Status: NEW Keywords: Security Severity: medium Priority: medium Component: vulnerability AssignedTo: security-response-team@xxxxxxxxxx ReportedBy: thoger@xxxxxxxxxx CC: rjones@xxxxxxxxxx, fedora-ocaml-list@xxxxxxxxxx Classification: Other Target Release: --- oCERT advisory oCERT-2009-009 was published describing a flaw in ocaml-camlimages: http://www.ocert.org/advisories/ocert-2009-009.html CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. Issue was reported to affect both 2.2 and 3.0.1, which no upstream patch available at the moment. References: http://thread.gmane.org/gmane.comp.security.oss.general/1882 http://bugs.gentoo.org/show_bug.cgi?id=276235 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Fedora-ocaml-list mailing list Fedora-ocaml-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-ocaml-list
