CVE-2009-2660

Publication date 4 August 2009

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in CamlImages 2.2 might allow context-dependent attackers to execute arbitrary code via images containing large width and height values that trigger a heap-based buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) crafted JPEG files (jpegread.c), a different vulnerability than CVE-2009-2295.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
camlimages	9.10 karmic	Not affected
	9.04 jaunty	Fixed 1:2.2.0-4+lenny2build0.9.04.1
	8.10 intrepid	Fixed 1:2.2.0-3ubuntu0.1
	8.04 LTS hardy	Fixed 1:2.2.0-2ubuntu2.1
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2009-2660