PT-2009-5056 · None · Camlimages

Tielei Wang · Published 2009-08-04 · Updated 2017-08-17 · CVE-2009-2660

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: CamlImages version 2.2

Description: CamlImages 2.2 contains multiple integer overflows that might allow attackers to execute arbitrary code. Images with large width and height values trigger the overflows, leading to a heap-based buffer overflow. The affected code paths are the GIF reader (gifread.c), reached through crafted GIF files, and the JPEG reader (jpegread.c), reached through crafted JPEG files.

Recommendations: For CamlImages version 2.2, update to a version that fixes the integer overflows to prevent potential code execution. As a temporary workaround, consider restricting the processing of images with large width and height values to minimize the risk of exploitation. Avoid using the gifread.c and jpegread.c functions with untrusted image files until the issue is resolved.
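The following is an added illustration of the bug class in this advisory, not CamlImages code: an unchecked 32-bit width * height * bytes-per-pixel product wraps for large header values, so a far-too-small buffer would be allocated, while the checked variant multiplies in 64 bits and rejects oversized dimensions before any allocation. The limits MAX_DIMENSION and MAX_PIXELS are assumed policy values chosen for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Assumed policy limits for this example; a real decoder picks its own. */
#define MAX_DIMENSION 32768u
#define MAX_PIXELS    (64u * 1024u * 1024u)

/* The unsafe pattern: the product is computed in 32-bit arithmetic and
 * silently wraps, e.g. 65536 * 65536 * 1 becomes 0. A decoder that
 * allocates this many bytes and then writes width*height pixels into it
 * overflows the heap buffer. */
uint32_t unchecked_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* The safe pattern: validate each dimension, multiply in 64 bits so the
 * product cannot wrap, and compare against a cap before allocating.
 * Returns 0 and stores the byte count in *out, or -1 if the header is rejected. */
int checked_image_size(int64_t width, int64_t height, int64_t bpp, size_t *out)
{
    if (width <= 0 || height <= 0 || bpp <= 0 || bpp > 4)
        return -1;
    if ((uint64_t)width > MAX_DIMENSION || (uint64_t)height > MAX_DIMENSION)
        return -1;
    uint64_t pixels = (uint64_t)width * (uint64_t)height;   /* <= 2^30, no wrap */
    if (pixels > MAX_PIXELS)
        return -1;
    *out = (size_t)(pixels * (uint64_t)bpp);                /* <= 256 MiB */
    return 0;
}

/* Allocate a zeroed pixel buffer only after the size has been validated. */
unsigned char *alloc_image_buffer(int64_t width, int64_t height, int64_t bpp)
{
    size_t bytes;
    if (checked_image_size(width, height, bpp, &bytes) != 0)
        return NULL;
    return calloc(bytes, 1);
}

int main(void)
{
    size_t bytes = 0;
    printf("unchecked 65536x65536x1 -> %u bytes\n", unchecked_image_size(65536, 65536, 1));
    printf("checked   65536x65536x1 -> %s\n",
           checked_image_size(65536, 65536, 1, &bytes) == 0 ? "accepted" : "rejected");
    printf("checked   640x480x3     -> %zu bytes\n",
           checked_image_size(640, 480, 3, &bytes) == 0 ? bytes : 0);
    return 0;
}
```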


Related Identifiers

CVE-2009-2660
DSA-1857-1
DSA-1912-1
DSA-1912-2

Affected Products

Camlimages