Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1060

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1060
Last Modified 17 Oct 2011 12:00:00
Published 11 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1060

Summary

Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required.

Vulnerable Systems

Application

  • Xzgv 0.8


References

SECUNIA - 19779

SECUNIA - 19757

XF - xzgv-jpeg-bo(25718)

VUPEN - ADV-2006-1288

BID - 17409

SUSE - SUSE-SR:2006:008

DEBIAN - DSA-1038

DEBIAN - DSA-1037

SREASON - 756

SECUNIA - 19790

SECUNIA - 19731

SECUNIA - 19572

SECUNIA - 19571


Last Updated: 27 May 2016 10:41:54