Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/17053http://www.securityfocus.com/bid/10985http://marc.info/?l=bugtraq&m=109302498125092&w=2
