MidnightBSD

Advisories for xli

CVE-2001-0775 HIGH

Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
xli xli 1.17
xloadimage xloadimage 4.1
xli xli 1.16
CVE-2005-0638 HIGH

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xli xli 1.15
suse suse_linux 8.1
suse suse_linux 6.4
suse suse_linux 9.2
xli xli 1.16
xli xli 1.14
suse suse_linux 5.2
suse suse_linux 9.3
xli xli 1.17
suse suse_linux 8.0
altlinux alt_linux 2.3
suse suse_linux 6.1
suse suse_linux 8.2
suse suse_linux 7.1
suse suse_linux 6.0
suse suse_linux 4.2
suse suse_linux 4.3
suse suse_linux 4.4.1
suse suse_linux 6.3
suse suse_linux 4.4
suse suse_linux 5.0
suse suse_linux 9.1
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.2
suse suse_linux 1.0
suse suse_linux 5.1
suse suse_linux 3.0
suse suse_linux 9.0
suse suse_linux 7.0
suse suse_linux 7.3
suse suse_linux 7.2
suse suse_linux 5.3
CVE-2005-0639 HIGH

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xli xli 1.15
suse suse_linux 8.1
suse suse_linux 6.4
suse suse_linux 9.2
xli xli 1.16
xli xli 1.14
suse suse_linux 5.2
suse suse_linux 9.3
xli xli 1.17
suse suse_linux 8.0
altlinux alt_linux 2.3
suse suse_linux 6.1
suse suse_linux 8.2
suse suse_linux 7.1
suse suse_linux 6.0
suse suse_linux 4.2
suse suse_linux 4.3
suse suse_linux 4.4.1
suse suse_linux 6.3
suse suse_linux 4.4
suse suse_linux 5.0
suse suse_linux 9.1
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 6.2
suse suse_linux 1.0
suse suse_linux 5.1
suse suse_linux 3.0
suse suse_linux 9.0
suse suse_linux 7.0
suse suse_linux 7.3
suse suse_linux 7.2
suse suse_linux 5.3
CVE-2005-3178 MEDIUM

Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xli xli *
xloadimage xloadimage *