Sagelight BMP File Handling Remote Heap Buffer Overflow Vulnerability

Sagelight is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.

Sagelight 4.4 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus