Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background.
| Software | From | Fixed in |
|---|---|---|
| mlterm / mlterm | 2.5 | 2.5.x |
| mlterm / mlterm | 2.6 | 2.6.x |
| mlterm / mlterm | 2.6.1 | 2.6.1.x |
| mlterm / mlterm | 2.6.2 | 2.6.2.x |
| mlterm / mlterm | 2.6.3 | 2.6.3.x |
| mlterm / mlterm | 2.7 | 2.7.x |
| mlterm / mlterm | 2.8 | 2.8.x |
| mlterm / mlterm | 2.9 | 2.9.x |
| mlterm / mlterm | 2.9.1 | 2.9.1.x |