FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xview -- multiple buffer overflows in xv_parse_one

Affected packages
xview < 3.2.1_3

Details

VuXML ID ae6ec9b8-2f43-4d02-8129-c6a3a53ef09d
Discovery 2005-02-09
Entry 2005-06-01

A Debian Security Advisory reports:

Erik Sjölund discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as privileged user.

[source]

References

CVE Name CVE-2005-0076
URL http://www.debian.org/security/2005/dsa-672
URL http://xforce.iss.net/xforce/xfdb/19271

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.