Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.
http://www.debian.org/security/2005/dsa-695
http://security.gentoo.org/glsa/glsa-200503-05.xml