Description
Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the (1) RGN::run, (2) JTLS::run, or (3) SHD::run function. NOTE: some of these details are obtained from third party information.
References (3)
Core 3
Core References
Release Notes x_refsource_confirm
http://freshmeat.net/projects/iipimage/releases/309013
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37565
Vendor Advisory x_refsource_confirm
http://iipimage.sourceforge.net/blog/
Scores
EPSS
0.0287
EPSS Percentile
85.2%
Details
CWE
CWE-119
Status
published
Products (5)
ruven_pillay/iipimage_server
0.9.3
ruven_pillay/iipimage_server
0.9.4
ruven_pillay/iipimage_server
0.9.5
ruven_pillay/iipimage_server
0.9.6
ruven_pillay/iipimage_server
< 0.9.7
Published
Dec 08, 2009
Tracked Since
Feb 18, 2026