Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2426

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2426
Last Modified 06 Sep 2011 12:00:00
Published 02 Jun 2008 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2426

Summary

Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_pnm.c; or (2) a crafted XPM image, related to the load function in src/modules/loader_xpm.c.

Vulnerable Systems

Application

  • Carsten Haitzler Imlib2 1.4.0


References

FEDORA - FEDORA-2008-4950

FEDORA - FEDORA-2008-4871

FEDORA - FEDORA-2008-4842

XF - imlib2-pnm-xpm-bo(42732)

VUPEN - ADV-2008-1700

UBUNTU - USN-697-1

BID - 29417

BUGTRAQ - 20080529 Secunia Research: imlib2 PNM and XPM Buffer Overflow

MANDRIVA - MDVSA-2008:123

GENTOO - GLSA-200806-03

DEBIAN - DSA-1594

SECTRACK - 1020146

MISC - http://secunia.com/secunia_research/2008-25/advisory/

SECUNIA - 31982

SECUNIA - 30727

SECUNIA - 30572

SECUNIA - 30485

SECUNIA - 30401

SUSE - SUSE-SR:2008:018


Last Updated: 27 May 2016 10:47:52