20673 2009-07-03 15:29:23 +0400 CVE-2009-2369 wxWidgets "wxImage::Create()" Integer Overflow Vulnerability 2009-08-21 16:47:43 +0400 1 1 4 Development Sisyphus wxGTK unstable all Linux CLOSED DUPLICATE 20328 http://secunia.com/advisories/35351/ security P3 critical --- 1 crux nobody boris qa-sisyphus oldest_to_newest 94163 0 crux 2009-07-03 15:29:23 +0400 Tielei Wang has discovered a vulnerability in wxWidgets, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error within the "wxImage::Create()" function in src/common/image.cpp. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening e.g. a specially crafted JPEG file. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 2.8.10. Other versions may also be affected. 97019 1 boris 2009-08-21 16:47:43 +0400 > wxGTK-2.8.9-alt2.src.rpm *** This bug has been marked as a duplicate of bug 20328 ***