Description
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by zenith parsec · c · remote · linux
https://www.exploit-db.com/exploits/20998
References (8)
Scores
EPSS: 0.2556
EPSS Percentile: 96.2%
Details
CWE: CWE-119
Status: published
Products (3):
xli/xli 1.16
xli/xli 1.17
xloadimage/xloadimage 4.1
Published: Oct 18, 2001
Tracked Since: Feb 18, 2026