Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
XV多个缓冲区溢出和整数溢出漏洞
Vulnerability Description
xv是X Windows系统下的图象处理工具。 xv存在多个缓冲区溢出和整数溢出,本地攻击者可以利用这个漏洞以用户进程权限在系统上执行任意指令。 基于堆栈的缓冲区溢出存在于'xvbmp.c'源文件中,根据报告用户提供的值在拷贝到堆栈的缓冲区中没有任何边界检查,可触发溢出。 'xviris.c'源文件存在多个基于堆的溢出,根据报告问题是由于整数处理问题。攻击者提供特殊整数值可导致内存分配问题,触发溢出。 'xvpcx.c'源文件也存在堆的溢出,问题是整数处理问题。攻击者提供特殊整数值可导致内存分配问题,触发
CVSS Information
N/A
Vulnerability Type
N/A