‘Ziproxy Multiple Integer Overflow Vulnerabilities’
Summary
‘
Credit:
‘The information has been provided by Stefan Cornelius.
The original article can be found at: http://secunia.com/secunia_research/2010-75/‘
Details
‘Vulnerable Systems:
* Ziproxy 3.0.0.
Immune Systems:
* Ziproxy 3.0.1.
The following vulnerabilities were discovered:
1) An integer overflow within the ‘jpg2bitmap()’ function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted JPG images.
2) An integer overflow within the ‘png2bitmap()’ function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images.
CVE Information:
CVE-2010-1513
Disclosure Timeline:
19/05/2010 – Vendor notified.
19/05/2010 – Vendor response.
20/05/2010 – Vendor issues fixed version.
24/05/2010 – Public disclosure.’