Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-08-05T19:00:00
Updated: 2024-08-07T05:59:56.957Z
Reserved: 2009-08-05T00:00:00
Link: CVE-2009-2688
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-08-05T19:30:01.360
Modified: 2024-11-21T01:05:30.607
Link: CVE-2009-2688
Redhat