Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 allow remote attackers to execute arbitrary code via (1) a large JPG image, related to the jpg2bitmap function or (2) a large PNG image, related to the png2bitmap function, leading to heap-based buffer overflows.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ziproxy'src/image.c'多个整数溢出漏洞
Vulnerability Description
Ziproxy是转发压缩HTTP代理服务器,可将图像压缩为低质量的JPEG或JPEG 2000文件并压缩HTML和其他文字类的数据。 Ziproxy 程序'src/image.c'存在多个整数溢出漏洞, 远程攻击者可以通过多个方式引发基于堆的缓冲区溢出和执行任意代码,包括:(1)一个超大的JPG图象, 与函数jpg2bitmap相关, 或(2)一个超大的PNG图像,与函数png2bitmap相关。
CVSS Information
N/A
Vulnerability Type
N/A