Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

The remote host is affected by the vulnerability described in GLSA-201009-01 (wxGTK: User-assisted execution of arbitrary code)

    wxGTK is prone to an integer overflow error in the wxImage::Create()     function in src/common/image.cpp, possibly leading to a heap-based     buffer overflow.
  Impact :

    A remote attacker might entice a user to open a specially crafted JPEG     file using a program that uses wxGTK, possibly resulting in the remote     execution of arbitrary code with the privileges of the user running the     application.
  Workaround :

    There is no known workaround at this time.

Tielei Wang has discovered an integer overflow in wxWidgets, the wxWidgets Cross-platform C++ GUI toolkit, which allows the execution of arbitrary code via a crafted JPEG file.

A vulnerability has been found and corrected in wxgtk :

Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE:
the provenance of this information is unknown; the details are obtained solely from third-party information (CVE-2009-2369).

This update provides a solution to this vulnerability.

The remote Fedora host is missing one or more security updates :

compat-wxGTK26-2.6.4-10.fc10 :

Added rediffed fix for CVE-2009-2369 as found in wxGTK 2.8.10

mingw32-libtiff-3.8.2-17.fc11 :

  - update upstream URL - Fix some more LZW decoding     vulnerabilities (CVE-2009-2285)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Added rediffed fix for CVE-2009-2369 as found in wxGTK 2.8.10

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
49098	GLSA-201009-01 : wxGTK: User-assisted execution of arbitrary code	Nessus	Gentoo Local Security Checks	medium
44755	Debian DSA-1890-1 : wxwindows2.4 wxwidgets2.6 wxwidgets2.8 - integer overflow	Nessus	Debian Local Security Checks	medium
40636	Mandriva Linux Security Advisory : wxgtk (MDVSA-2009:204)	Nessus	Mandriva Local Security Checks	medium
39863	Fedora 10 : compat-wxGTK26-2.6.4-10.fc10 / Fedora 11 : mingw32-libtiff-3.8.2-17.fc11 (2009-7763)	Nessus	Fedora Local Security Checks	medium
39861	Fedora 11 : compat-wxGTK26-2.6.4-10.fc11 (2009-7755)	Nessus	Fedora Local Security Checks	medium

Detections

Analytics

CVE-2009-2369

high

Tenable Plugins

medium

medium

medium

medium

medium