cpe:/a:james_ashton:compface:1.4 cpe:/a:james_ashton:compface:1.5 cpe:/a:james_ashton:compface:1.5.1 cpe:/a:james_ashton:compface:1.5.2 CVE-2009-2286 2009-07-01T09:00:01.780-04:00 2009-09-02T01:24:08.767-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2009-07-01T10:50:00.000-04:00 BID 35863 MLIST [oss-security] 20090629 CVE id request: compface MLIST [oss-security] 20090629 Re: CVE id request: compface MLIST [oss-security] 20090703 Re: CVE id request: compface CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534973 Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.