FreeBSD : optipng -- arbitrary code execution via crafted BMP image (2bc960c4-e665-11dd-afcd-00e0815b8da8)
High Nessus Plugin ID 35426
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
A vulnerability has been reported in OptiPNG, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the BMP reader and can be exploited to cause a buffer overflow by tricking a user into processing a specially crafted file.
Successful exploitation may allow execution of arbitrary code.
SolutionUpdate the affected package.