Nuspli

**Name of the Vulnerable Software and Affected Versions** libcaca versions 0.99.beta20 and earlier **Description** An integer overflow in the canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by supplying a crafted file in the "caca" format. Depending on the build configuration and memory allocator, this may lead to memory corruption or remote code execution. **Recommendations** Apply the fix provided in commit fb77acff9ba6bb01d53940da34fb10f20b156a23.