VYPR
Vendor

Xloadimage

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2001-0775Oct 18, 2001
    risk 0.04cvss epss 0.16

    Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.

  • CVE-2005-3178Oct 7, 2005
    risk 0.00cvss epss 0.04

    Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.

  • CVE-2005-0638Mar 2, 2005
    risk 0.00cvss epss 0.04

    xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.