‘Ziproxy Multiple Integer Overflow Vulnerabilities’

Summary

Two vulnerabilities were discovered in Ziproxy, which can be exploited by malicious people to compromise a vulnerable system.’

Credit:

‘The information has been provided by Stefan Cornelius.
The original article can be found at: http://secunia.com/secunia_research/2010-75/


Details

Vulnerable Systems:
 * Ziproxy 3.0.0.

Immune Systems:
 * Ziproxy 3.0.1.

The following vulnerabilities were discovered:

1) An integer overflow within the ‘jpg2bitmap()’ function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted JPG images.
2) An integer overflow within the ‘png2bitmap()’ function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images.

CVE Information:
CVE-2010-1513

Disclosure Timeline:
19/05/2010 – Vendor notified.
19/05/2010 – Vendor response.
20/05/2010 – Vendor issues fixed version.
24/05/2010 – Public disclosure.’

Categories: UNIX