Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-08-05T19:00:00

Updated: 2024-08-07T05:59:56.957Z

Reserved: 2009-08-05T00:00:00

Link: CVE-2009-2688

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-08-05T19:30:01.360

Modified: 2017-08-17T01:30:52.070

Link: CVE-2009-2688

cve-icon Redhat

Severity : Low

Publid Date: 2009-06-25T00:00:00Z

Links: CVE-2009-2688 - Bugzilla