Mlterm Background Image Integer Overflow Vulnerability
BID:12737
Info
Mlterm Background Image Integer Overflow Vulnerability
| Bugtraq ID: | 12737 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 07 2005 12:00AM |
| Updated: | Mar 07 2005 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
mlterm mlterm 2.9.1 mlterm mlterm 2.9 mlterm mlterm 2.8 mlterm mlterm 2.7 mlterm mlterm 2.6.3 mlterm mlterm 2.6.2 mlterm mlterm 2.6.1 mlterm mlterm 2.6 mlterm mlterm 2.5 |
| Not Vulnerable: |
mlterm mlterm 2.9.2 |
Discussion
Mlterm Background Image Integer Overflow Vulnerability
mlterm is reported prone to an integer overflow vulnerability. This vulnerability arises due to a lack of sanity checks performed on a malformed image file.
mlterm versions 2.5.0 to 2.9.1 are reported vulnerable.
mlterm is reported prone to an integer overflow vulnerability. This vulnerability arises due to a lack of sanity checks performed on a malformed image file.
mlterm versions 2.5.0 to 2.9.1 are reported vulnerable.
Exploit / POC
Mlterm Background Image Integer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Mlterm Background Image Integer Overflow Vulnerability
Solution:
The vendor has released mlterm 2.9.2 to address this issue.
Gentoo has released advisory GLSA 200503-13 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:
emerge --sync
emerge --ask --oneshot --verbose ">=x11-terms/mlterm-2.9.2"
mlterm mlterm 2.5
mlterm mlterm 2.6
mlterm mlterm 2.6.1
mlterm mlterm 2.6.2
mlterm mlterm 2.6.3
mlterm mlterm 2.7
mlterm mlterm 2.8
mlterm mlterm 2.9
mlterm mlterm 2.9.1
Solution:
The vendor has released mlterm 2.9.2 to address this issue.
Gentoo has released advisory GLSA 200503-13 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:
emerge --sync
emerge --ask --oneshot --verbose ">=x11-terms/mlterm-2.9.2"
mlterm mlterm 2.5
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.6
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.6.1
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.6.2
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.6.3
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.7
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.8
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.9
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
mlterm mlterm 2.9.1
-
mlterm mlterm-2.9.2.tar.gz
http://prdownloads.sourceforge.net/mlterm/mlterm-2.9.2.tar.gz?download
References
Mlterm Background Image Integer Overflow Vulnerability
References:
References:
- mlterm Home Page (mlterm)
- mlterm(Multi Lingual TERMinal emulator): Release Notes (mlterm)