CVE-2009-2286

Published: 1 July 2009

Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.

Priority

Status

Package	Release	Status
libcompface Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	hardy	Ignored (end of life)
	intrepid	Ignored (end of life, was needs-triage)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Not vulnerable (1:1.5.2-5)
	maverick	Not vulnerable (1:1.5.2-5)
	natty	Not vulnerable (1:1.5.2-5)
	oneiric	Not vulnerable (1:1.5.2-5)
	upstream	Needs triage

References

https://www.cve.org/CVERecord?id=CVE-2009-2286
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534973

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›