PT-2010-3188 · Ziproxy · Ziproxy

Published: 2010-05-26 · Updated: 2018-10-10 · CVE-2010-1513

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Ziproxy versions prior to 3.0.1

Description

Multiple integer overflows in the src/image.c file can be exploited by remote attackers to execute arbitrary code. The overflows are triggered by a large JPG image, related to the jpg2bitmap function, or by a large PNG image, related to the png2bitmap function, and lead to heap-based buffer overflows.

Recommendations

For versions prior to 3.0.1, update to version 3.0.1 or later to resolve the issue. As a temporary workaround, consider restricting the processing of large JPG and PNG images to minimize the risk of exploitation.
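
The bug class described above, shown as an added example that is not Ziproxy's code: a buffer size computed from image dimensions in 32-bit arithmetic wraps silently, while a checked version rejects oversized input before allocating. The function names, the `MAX_DIMENSION` limit and the sample dimensions are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical policy limit (assumption, not a Ziproxy setting):
 * refuse any image whose side exceeds this many pixels. */
#define MAX_DIMENSION 16384u

/* Compute width * height * bytes_per_pixel into *out without wrapping.
 * Returns 0 on success, -1 if the dimensions are rejected. */
int bitmap_size_checked(uint32_t width, uint32_t height,
                        uint32_t bytes_per_pixel, size_t *out)
{
    if (width == 0 || height == 0 || bytes_per_pixel == 0)
        return -1;
    if (width > MAX_DIMENSION || height > MAX_DIMENSION)
        return -1;                  /* size restriction (the workaround) */

    size_t row = (size_t)width;
    if (row > SIZE_MAX / bytes_per_pixel)
        return -1;                  /* width * bpp would wrap size_t */
    row *= bytes_per_pixel;
    if (row > SIZE_MAX / height)
        return -1;                  /* row * height would wrap size_t */
    *out = row * height;
    return 0;
}

/* The unchecked pattern, for comparison: uint32_t arithmetic is
 * performed modulo 2^32, so a large product yields a small size. */
uint32_t bitmap_size_unchecked(uint32_t width, uint32_t height,
                               uint32_t bytes_per_pixel)
{
    return width * height * bytes_per_pixel;
}

/* Allocate a decode buffer only when the size computation is sound. */
unsigned char *alloc_bitmap(uint32_t width, uint32_t height,
                            uint32_t bytes_per_pixel)
{
    size_t size;
    if (bitmap_size_checked(width, height, bytes_per_pixel, &size) != 0)
        return NULL;
    return malloc(size);
}
```

A decoder that allocates from the unchecked result and then writes rows according to the real dimensions overruns the heap buffer; the checked path returns `NULL` instead, which the caller must treat as a rejected image.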


Weakness Enumeration

Related Identifiers

CVE-2010-1513

Affected Products

Ziproxy