Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file.
CVSS Information
N/A
Vulnerability Type
整数溢出导致缓冲区溢出
Vulnerability Title
xcftools 输入验证错误漏洞
Vulnerability Description
xcftools是一款用于提取XCF文件信息的命令行工具。 xcftools 1.0.7版本中的xcf2png and xcf2pnm二进制文件的‘flattenIncrementally’函数存在输入验证错误漏洞。攻击者可借助特制的XCF文件利用该漏洞破坏内存并执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A