Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200501-09] xzgv: Multiple overflows Vulnerability Scan
Vulnerability Scan Summary
xzgv: Multiple overflows
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200501-09
(xzgv: Multiple overflows)
Multiple overflows have been found in the image processing code of
xzgv, including an integer overflow in the PRF parsing code
A possible hacker could entice a user to open or browse a
specially-crafted image file, potentially resulting in the execution of
arbitrary code with the rights of the user running xzgv.
There is no known workaround at this time.
All xzgv users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/xzgv-0.8-r1"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.