aMule Forum

English => Offtopic Section (Nonsense inside) => Topic started by: wuischke on September 19, 2009, 11:24:47 AM

Title: wxWidgets jpeg vulnerability
Post by: wuischke on September 19, 2009, 11:24:47 AM

wxWidgets 2.8.10 is affected from a problem related to jpeg files (can cause crash and possible code execution):

http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-2369
http://trac.wxwidgets.org/ticket/10993 (includes links to 3 relevant changesets)

Thought I'd share since I'm getting reports anyway and maybe we'll see it affecting aMule, too. (We use this in wxCas and aMuleweb, anywhere else?)

Title: Re: wxWidgets jpeg vulnerability
Post by: Stu Redman on September 19, 2009, 12:21:09 PM

wxImage is tied to GUI and thus not used in amuleweb. That's why the strange PNGlib is used.  :(

Title: Re: wxWidgets jpeg vulnerability
Post by: Kry on September 19, 2009, 08:42:16 PM

All our images are generated by the program, so I think we're safe.


If we did in-app preview or had a browser, it would be different.