Debian Security Advisory DSA 1832-1 (camlimages) Network Vulnerability

Summary

The remote host is missing an update to camlimages announced via advisory DSA 1832-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201832-1

Insight

Tielei Wang discovered that CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. For the old stable distribution (etch), this problem has been fixed in version 2.20-8+etch1. For the stable distribution (lenny), this problem has been fixed in version 2.2.0-4+lenny1. For the unstable distribution (sid), this problem has been fixed in version 3.0.1-2. We recommend that you upgrade your camlimages package.

Severity

Classification

CVE CVE-2009-2295

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 079-2 (uucp)
Debian Security Advisory DSA 1015-1 (sendmail)
Debian Security Advisory DSA 061-1 (gnupg)
Debian Security Advisory DSA 1033-1 (horde3)
Debian Security Advisory DSA 079-1 (uucp)

Take action and discover your vulnerabilities