Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6079

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-6079
Last Modified 07 Mar 2011 10:15:42
Published 06 Feb 2009 06:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6079

Summary

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."

Vulnerable Systems

Application

  • Enlightenment Imlib2 1.0

  • Enlightenment Imlib2 1.0.1

  • Enlightenment Imlib2 1.0.2

  • Enlightenment Imlib2 1.0.3

  • Enlightenment Imlib2 1.0.4

  • Enlightenment Imlib2 1.0.5

  • Enlightenment Imlib2 1.1

  • Enlightenment Imlib2 1.1.1

  • Enlightenment Imlib2 1.1.2

  • Enlightenment Imlib2 1.2.1

  • Enlightenment Imlib2 1.2.2

  • Enlightenment Imlib2 1.3.0

  • Enlightenment Imlib2 1.4.0

  • Enlightenment Imlib2 1.4.1


References

XF - imlib2-multiple-unspecified(46037)

VUPEN - ADV-2010-0803

VUPEN - ADV-2008-2898

BID - 31880

DEBIAN - DSA-2029

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=634778

SECUNIA - 39340

SECUNIA - 32354

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469


Last Updated: 27 May 2016 10:49:03