FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-3178

This CVE name corresponds to:

Entered Topic
2005-10-20 xloadimage -- buffer overflows in NIFF image title handling

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-3178
Phase Assigned(20051007)

Description

Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.

References

Source Reference
BUGTRAQ 20051005 xloadimage buffer overflow.
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-013.htm
DEBIAN DSA-858
DEBIAN DSA-859
FEDORA FLSA-2006:152923
GENTOO GLSA-200510-26
MANDRIVA MDKSA-2005:192
REDHAT RHSA-2005:802
SCO SCOSA-2005.56
SCO SCOSA-2005.62
SUSE SUSE-SR:2005:024
BID 15051
OVAL oval:org.mitre.oval:def:10590
SECTRACK 1015072
SECUNIA 17087
SECUNIA 17124
SECUNIA 17369
SECUNIA 18050
SECUNIA 18170
SECUNIA 17139
SECUNIA 17140
SECUNIA 17143
SECUNIA 17206
SECUNIA 17273
SECUNIA 17282
SECUNIA 18491