The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://rus.members.beeb.net/xzgv.html http://www.svgalib.org/rus/zgv/ http://www.idefense.com/application/poi/display?id=160&type=vulnerabilities&flashstatus=false http://marc.theaimsgroup.com/?l=bugtraq&m=109886210702781 http://marc.theaimsgroup.com/?l=bugtraq&m=109898111915661 http://www.vuxml.org/freebsd/249a8c42-6973-11d9-ae49-000c41e2cdad.html

The following packages are affected: zgv xzgv CVE-2004-0994 Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.