FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-0654

This CVE name corresponds to:

Entered Topic
2014-03-06 xmms -- Integer Overflow And Underflow Vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-0654
Phase Assigned(20070201)

Description

Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.

References

Source Reference
BUGTRAQ 20070321 Secunia Research: XMMS Integer Overflow and UnderflowVulnerabilities
MISC http://secunia.com/secunia_research/2007-47/advisory/
DEBIAN DSA-1277
MANDRIVA MDKSA-2007:071
SUSE SUSE-SR:2007:006
UBUNTU USN-445-1
BID 23078
VUPEN ADV-2007-1057
SECUNIA 23986
SECUNIA 24645
SECUNIA 24804
SECUNIA 24889
XF xmms-skinbitmap-bo(33203)