Vulnerabilities > XLI

DATE CVE VULNERABILITY TITLE RISK
2005-10-07 CVE-2005-3178 Remote Buffer Overflow vulnerability in XLoadImage
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
network
high complexity
xli xloadimage
5.1
2005-03-02 CVE-2005-0639 Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.
network
low complexity
xli altlinux suse
7.5
2005-03-02 CVE-2005-0638 xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
network
low complexity
xli altlinux suse
7.5
2001-10-18 CVE-2001-0775 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
network
low complexity
xli xloadimage CWE-119
7.5