Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-02-01T15:00:00

Updated: 2024-08-06T03:14:42.574Z

Reserved: 2017-01-25T00:00:00

Link: CVE-2016-10164

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-02-01T15:59:00.130

Modified: 2024-11-21T02:43:27.273

Link: CVE-2016-10164

cve-icon Redhat

Severity : Moderate

Publid Date: 2016-12-12T00:00:00Z

Links: CVE-2016-10164 - Bugzilla