Secunia Research has discovered two vulnerabilities in Ziproxy, which can be exploited by malicious people to compromise a vulnerable system. An integer overflow within the “jpg2bitmap()” function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted JPG images. An integer overflow within the “png2bitmap()” function in src/image.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images. Ziproxy version 3.0.0 is affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/89897/secunia-ziproxy.txt
Source: https://packetstormsecurity.com/files/89897/Ziproxy-Two-Integer-Overflow-Vulnerabilities.html