Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5101

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5101
Last Modified 07 Mar 2011 10:13:53
Published 17 Nov 2008 01:18:47
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5101

Summary

Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow."

Vulnerable Systems

Application

  • Optipng 0.6

  • Optipng 0.6.1


References

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=639631&group_id=151404

CONFIRM - http://optipng.sourceforge.net/

XF - optipng-bmpreader-bo(46519)

VUPEN - ADV-2008-3108

BID - 32248

GENTOO - GLSA-200812-01

SECUNIA - 34259

SECUNIA - 32651

CONFIRM - http://prdownloads.sourceforge.net/optipng/optipng-0.6.1.1.diff?download

MLIST - [oss-security] 20081112 CVE Request -- OptiPNG

SUSE - SUSE-SR:2009:006

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505399


Last Updated: 27 May 2016 10:48:42