Vulnerability Description
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xli | Xli | All versions |
| Xloadimage | Xloadimage | <= 4.1 |
References
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62/SCOSA-2005.62.txt
- ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.56/SCOSA-2005.56.txt
- http://marc.info/?l=bugtraq&m=112862493918840&w=2
- http://secunia.com/advisories/17087/Vendor Advisory
- http://secunia.com/advisories/17124
- http://secunia.com/advisories/17139
- http://secunia.com/advisories/17140
- http://secunia.com/advisories/17143
- http://secunia.com/advisories/17206
- http://secunia.com/advisories/17273
- http://secunia.com/advisories/17282
- http://secunia.com/advisories/17369
- http://secunia.com/advisories/18050
- http://secunia.com/advisories/18170
- http://secunia.com/advisories/18491
FAQ
What is CVE-2005-3178?
CVE-2005-3178 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom,...
How severe is CVE-2005-3178?
CVE-2005-3178 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3178?
Check the references section above for vendor advisories and patch information. Affected products include: Xli Xli, Xloadimage Xloadimage.