[ MDVSA-2009:286 ] ocaml-camlimages

[dude67]

_______________________________________________________________________

Package : ocaml-camlimages
Date : October 21, 2009
Affected: Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in
ocaml-camlimages:

Multiple integer overflows in CamlImages 2.2 and earlier might allow
context-dependent attackers to execute arbitrary code via a crafted
PNG image with large width and height values that trigger a heap-based
buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24
function (CVE-2009-2295).

Multiple integer overflows in CamlImages 2.2 might allow
context-dependent attackers to execute arbitrary code via images
containing large width and height values that trigger a heap-based
buffer overflow, related to (1) crafted GIF files (gifread.c) and
(2) crafted JPEG files (jpegread.c), a different vulnerability than
CVE-2009-2295 (CVE-2009-2660).

Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow
remote attackers to execute arbitrary code via TIFF images containing
large width and height values that trigger heap-based buffer overflows
(CVE-2009-3296).

This update fixes these vulnerabilities.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-2295
http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-2660
http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-3296
_______________________________________________________________________