FreeBSD : xpcd -- buffer overflow (d337b206-200f-11dc-a197-0011098b2f36)
High Nessus Plugin ID 56497
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionDebian Project reports :
Erik Sjolund discovered a buffer overflow in pcdsvgaview, an SVGA PhotoCD viewer. xpcd-svga is part of xpcd and uses svgalib to display graphics on the Linux console for which root permissions are required.
A malicious user could overflow a fixed-size buffer and may cause the program to execute arbitrary code with elevated privileges.
SolutionUpdate the affected package.