DEBIAN-CVE-2009-2294

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2009-2294
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2009-2294.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2009-2294
Upstream
Published
2009-07-05T16:30:00.407Z
Modified
2026-04-28T20:11:13.184762Z
Summary
[none]
Details

Integer overflow in the Pngdatainfocallback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.

References

Affected packages

Debian:11 / dillo

Package

Name
dillo
Purl
pkg:deb/debian/dillo?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2009-2294.json"

Debian:12 / dillo

Package

Name
dillo
Purl
pkg:deb/debian/dillo?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2009-2294.json"

Debian:13 / dillo

Package

Name
dillo
Purl
pkg:deb/debian/dillo?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2009-2294.json"

Debian:14 / dillo

Package

Name
dillo
Purl
pkg:deb/debian/dillo?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0-1

Ecosystem specific 

{
    "urgency": "medium"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2009-2294.json"