Debian Plib vulnerabilities

CVE-2021-38714 [HIGH] CVE-2021-38714: plib - In Plib through 1.85, there is an integer overflow vulnerability that could resu... In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in ssgLoadTGA() function in src/ssg/ssgLoadTGA.cxx file. Scope: local bookworm: resolved (fixed in 1.8.5-10) bullseye: resolved (fixed in 1.8.5-8+deb11u1) forky: resolved (fixed in 1.8.5-10) sid: resolved (fixed in 1.8.5-10) trixie:

CVE-2012-4552 [MEDIUM] CVE-2012-4552: plib - Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1... Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file. Scope: local bookworm: resolved (fixed in 1.8.5-6) bullseye: resolved (fixed in 1.8.5-6) forky: resolved (fixed in 1.8.5-6) sid: resolved (f

CVE-2011-4620 [CRITICAL] CVE-2011-4620: plib - Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as... Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information. Scope: local bookwor