FreeBSD : sdl_image -- buffer overflow vulnerabilities (b1bcab7d-1880-11dd-a914-0016179b2dd5)
Critical Nessus Plugin ID 32148
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Two vulnerabilities have been reported in SDL_image, which can be exploited by malicious people to cause a Denial of Service or potentially compromise an application using the library.
A boundary error within the LWZReadByte() function in IMG_gif.c can be exploited to trigger the overflow of a static buffer via a specially crafted GIF file.
A boundary error within the 'IMG_LoadLBM_RW()' function in IMG_lbm.c can be exploited to cause a heap-based buffer overflow via a specially crafted IFF ILBM file.
SolutionUpdate the affected package.