All the vulnerabilites related to enlightenment - imlib2
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
],
"id": "CVE-2004-0802",
"lastModified": "2024-11-20T23:49:26.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 01:34
Severity ?
Summary
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| enlightenment | imlib2 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFC6193-29DF-41EC-92A8-EC25CFC020A4",
"versionEndIncluding": "1.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse."
},
{
"lang": "es",
"value": "Imlib2 en versiones anteriores a 1.4.9 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero y ca\u00edda de aplicaci\u00f3n) dibujando una elipse 2x1."
}
],
"id": "CVE-2011-5326",
"lastModified": "2024-11-21T01:34:09.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:00.140",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882"
},
{
"source": "cve@mitre.org",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-09 15:15
Modified
2024-11-21 09:00
Severity ?
Summary
An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://git.enlightenment.org/old/legacy-imlib2/issues/20 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/derf/feh/issues/709 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.enlightenment.org/old/legacy-imlib2/issues/20 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/derf/feh/issues/709 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56900F1D-B2C3-42AE-A2A8-FE0EFBCA5B17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image."
},
{
"lang": "es",
"value": "Un problema en la funci\u00f3n imlib_load_image_with_error_return de imlib2 v1.9.1 permite a los atacantes provocar un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico mediante el an\u00e1lisis de una imagen manipulada."
}
],
"id": "CVE-2024-25447",
"lastModified": "2024-11-21T09:00:49.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-09T15:15:08.967",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/derf/feh/issues/709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/derf/feh/issues/709"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-21 02:30
Modified
2024-11-21 00:53
Severity ?
Summary
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE10952-EB03-4E87-8E8A-51E2A786989A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a \"pointer arithmetic error\" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426."
},
{
"lang": "es",
"value": "La funci\u00f3n de carga en el cargador XPM para imlib2 v1.4.2, y posiblemente otras versiones, que permite a atacantes producir una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente una ejecuci\u00f3n de c\u00f3digo a elecci\u00f3n del atacante a trav\u00e9s de un fichero XPM que dispara un \"error aritm\u00e9tico de puntero\" desbordamiento de b\u00fafer basado en mont\u00edculo, se trata de una vulnerabilidad diferente de CVE-2008-2426. NOTA: La procedencia de la informaci\u00f3n es desconocida; Los detalles han sido obtenidos \u00fanicamente de una tercera parte."
}
],
"id": "CVE-2008-5187",
"lastModified": "2024-11-21T00:53:30.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-21T02:30:00.547",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/49970"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32796"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32843"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32949"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32963"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33323"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33568"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200812-23.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1672"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:019"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/5"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32371"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-683-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3212"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/49970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200812-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-683-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue does not affect the versions of imlib as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.",
"lastModified": "2008-11-21T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-16 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:desktop_10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49A34783-39EF-471A-9B8B-72CBF2BB3E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:server_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42FB8BA2-8651-4806-9172-0E03F6B7AAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:server_8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79B0F1A4-BE4C-4A33-B1F5-9C158B228D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE73E6EB-6712-4DD8-847B-67CCA9A8E0A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1066BFAC-0156-4440-A32B-BC1B5228DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
],
"id": "CVE-2004-0827",
"lastModified": "2024-11-20T23:49:30.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28800"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:21
Severity ?
Summary
Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2E2212-1CC0-45B9-8795-3F98FA80B912",
"versionEndIncluding": "1.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation."
},
{
"lang": "es",
"value": "Desbordamiento de entero en imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria o ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una imagen manipulada, lo que desencadena una operaci\u00f3n de lectura no v\u00e1lida."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/190.html\"\u003eCWE-190: Integer Overflow or Wraparound\u003c/a\u003e",
"id": "CVE-2014-9771",
"lastModified": "2024-11-21T02:21:38.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:04.780",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324774"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:21
Severity ?
Summary
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2E2212-1CC0-45B9-8795-3F98FA80B912",
"versionEndIncluding": "1.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap."
},
{
"lang": "es",
"value": "imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) a trav\u00e9s de una imagen GIF sin un mapa de colores."
}
],
"id": "CVE-2014-9762",
"lastModified": "2024-11-21T02:21:37.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:01.327",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90959"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=39641e74a560982fbf93f29bf96b37d27803cb56"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=39641e74a560982fbf93f29bf96b37d27803cb56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:21
Severity ?
Summary
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| enlightenment | imlib2 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2E2212-1CC0-45B9-8795-3F98FA80B912",
"versionEndIncluding": "1.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file."
},
{
"lang": "es",
"value": "imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo PNM manipulado."
}
],
"id": "CVE-2014-9763",
"lastModified": "2024-11-21T02:21:37.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:02.530",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90955"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=c21beaf1780cf3ca291735ae7d58a3dde63277a2"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=c21beaf1780cf3ca291735ae7d58a3dde63277a2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:51
Severity ?
Summary
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| enlightenment | imlib2 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFC6193-29DF-41EC-92A8-EC25CFC020A4",
"versionEndIncluding": "1.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "El cargador de GIF en imlib2 en versiones anteriores a 1.4.9 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) u obtener informaci\u00f3n sensible a trav\u00e9s de una imagen manipulada, lo que desencadena una lectura fuera de l\u00edmites."
}
],
"id": "CVE-2016-3994",
"lastModified": "2024-11-21T02:51:07.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:09.920",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-09 15:15
Modified
2024-11-21 09:00
Severity ?
Summary
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://git.enlightenment.org/old/legacy-imlib2/issues/20 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/derf/feh/issues/712 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.enlightenment.org/old/legacy-imlib2/issues/20 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/derf/feh/issues/712 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56900F1D-B2C3-42AE-A2A8-FE0EFBCA5B17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts()."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que imlib2 v1.9.1 maneja mal la asignaci\u00f3n de memoria en la funci\u00f3n init_imlib_fonts()."
}
],
"id": "CVE-2024-25450",
"lastModified": "2024-11-21T09:00:49.957",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-09T15:15:09.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/derf/feh/issues/712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/derf/feh/issues/712"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-22 14:30
Modified
2024-11-21 01:13
Severity ?
Summary
Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.4.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A550C8A3-2D50-4202-A462-C72CB71E7A7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h."
},
{
"lang": "es",
"value": "Multiples desbordamientos de b\u00fafer basado en memoria din\u00e1mica (heap) en imlib2 v1.4.3 permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros (1) ARGB, (2) XPM, o (3) BMP manipulados, relacionado con la macro IMAGE_DIMENSIONS_OK en lib/image.h.\r\n"
}
],
"id": "CVE-2010-0991",
"lastModified": "2024-11-21T01:13:22.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-22T14:30:00.900",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39354"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-54/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/510866/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-54/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/510866/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0959"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-09 15:15
Modified
2024-11-21 09:00
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://git.enlightenment.org/old/legacy-imlib2/issues/20 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/derf/feh/issues/711 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.enlightenment.org/old/legacy-imlib2/issues/20 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/derf/feh/issues/711 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56900F1D-B2C3-42AE-A2A8-FE0EFBCA5B17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image."
},
{
"lang": "es",
"value": "Un problema en la funci\u00f3n imlib_free_image_and_decache de imlib2 v1.9.1 permite a los atacantes provocar un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico mediante el an\u00e1lisis de una imagen manipulada."
}
],
"id": "CVE-2024-25448",
"lastModified": "2024-11-21T09:00:49.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-02-09T15:15:09.027",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/derf/feh/issues/711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/derf/feh/issues/711"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-122"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-07 00:07
Modified
2024-11-21 00:16
Severity ?
Summary
Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.0 | |
| enlightenment | imlib2 | 1.0.1 | |
| enlightenment | imlib2 | 1.0.2 | |
| enlightenment | imlib2 | 1.0.3 | |
| enlightenment | imlib2 | 1.0.4 | |
| enlightenment | imlib2 | 1.0.5 | |
| enlightenment | imlib2 | 1.1 | |
| enlightenment | imlib2 | 1.1.1 | |
| enlightenment | imlib2 | 1.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77B82E04-D219-4F39-BADD-CFAC50B29831",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en loader_tga.c en imlib2 anterior a 1.2.1, y posiblemente otras versiones, permite a atacantes con la intervenci\u00f3n del usuario provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una imagen TGA artesanal."
}
],
"id": "CVE-2006-4808",
"lastModified": "2024-11-21T00:16:48.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-11-07T00:07:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30103"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30068"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 do not include imlib2.",
"lastModified": "2006-11-22T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:51
Severity ?
Summary
Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFC6193-29DF-41EC-92A8-EC25CFC020A4",
"versionEndIncluding": "1.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates."
},
{
"lang": "es",
"value": "Error por un paso en la funci\u00f3n __imlib_MergeUpdate en lib/updates.c en imlib2 en versiones anteriores a 1.4.9 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de coordenadas manipuladas."
}
],
"id": "CVE-2016-3993",
"lastModified": "2024-11-21T02:51:07.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:08.967",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef"
},
{
"source": "cve@mitre.org",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
],
"id": "CVE-2004-0817",
"lastModified": "2024-11-20T23:49:29.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-07 00:07
Modified
2024-11-21 00:16
Severity ?
Summary
Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.0 | |
| enlightenment | imlib2 | 1.0.1 | |
| enlightenment | imlib2 | 1.0.2 | |
| enlightenment | imlib2 | 1.0.3 | |
| enlightenment | imlib2 | 1.0.4 | |
| enlightenment | imlib2 | 1.0.5 | |
| enlightenment | imlib2 | 1.1 | |
| enlightenment | imlib2 | 1.1.1 | |
| enlightenment | imlib2 | 1.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77B82E04-D219-4F39-BADD-CFAC50B29831",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en loader_pnm.c en imlib2 anterior a 1.2.1, y posiblemente otras versiones, permite a un atacante remoto con la intervenci\u00f3n del usuario provocar denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo de su elecci\u00f2n a trav\u00e9s de una imagen PNM manipulada."
}
],
"id": "CVE-2006-4809",
"lastModified": "2024-11-21T00:16:48.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-11-07T00:07:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30104"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30070"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 do not include imlib2.",
"lastModified": "2006-11-22T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-07 00:07
Modified
2024-11-21 00:16
Severity ?
Summary
Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.0 | |
| enlightenment | imlib2 | 1.0.1 | |
| enlightenment | imlib2 | 1.0.2 | |
| enlightenment | imlib2 | 1.0.3 | |
| enlightenment | imlib2 | 1.0.4 | |
| enlightenment | imlib2 | 1.0.5 | |
| enlightenment | imlib2 | 1.1 | |
| enlightenment | imlib2 | 1.1.1 | |
| enlightenment | imlib2 | 1.1.2 | |
| enlightenment | imlib2 | 1.2.1 | |
| enlightenment | imlib2 | 1.2.2 | |
| enlightenment | imlib2 | 1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77B82E04-D219-4F39-BADD-CFAC50B29831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5226AA6-9816-46EF-A6A3-3F96889947B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F57C34FD-CBD9-4FD7-98AB-8D9070BDAEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28062C25-078D-4268-8354-22BC41D5385D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images."
},
{
"lang": "es",
"value": "M\u00fatiples desbordamientos de enteros en imlib2 permite a un atacante remoto con la intervenci\u00f3n del usuario provocar denegaci\u00f3n de servicio (caida) y posiblemente ejecuci\u00f3n ed c\u00f3digo de su elecci\u00f3n a trav\u00e9s de im\u00e1genes manipuladas (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), o (5) TIFF (loader_tiff.c) ."
}
],
"id": "CVE-2006-4806",
"lastModified": "2024-11-21T00:16:47.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-11-07T00:07:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30105"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30106"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30107"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30108"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30109"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30064"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 do not include imlib2.",
"lastModified": "2006-11-22T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:51
Severity ?
Summary
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFC6193-29DF-41EC-92A8-EC25CFC020A4",
"versionEndIncluding": "1.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation."
},
{
"lang": "es",
"value": "Desbordamiento de entero en imlib2 en versiones anteriores a 1.4.9 en plataformas de 32-bit permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una imagen de grandes dimensiones, lo que desencadena una operaci\u00f3n de escritura de memoria din\u00e1mica fuera de l\u00edmites."
}
],
"id": "CVE-2016-4024",
"lastModified": "2024-11-21T02:51:11.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:10.937",
"references": [
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/86073"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035573"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"source": "security@debian.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/86073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-06 11:30
Modified
2024-11-21 00:55
Severity ?
Summary
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | * | |
| enlightenment | imlib2 | 1.0 | |
| enlightenment | imlib2 | 1.0.1 | |
| enlightenment | imlib2 | 1.0.2 | |
| enlightenment | imlib2 | 1.0.3 | |
| enlightenment | imlib2 | 1.0.4 | |
| enlightenment | imlib2 | 1.0.5 | |
| enlightenment | imlib2 | 1.1 | |
| enlightenment | imlib2 | 1.1.1 | |
| enlightenment | imlib2 | 1.1.2 | |
| enlightenment | imlib2 | 1.2.1 | |
| enlightenment | imlib2 | 1.2.2 | |
| enlightenment | imlib2 | 1.3.0 | |
| enlightenment | imlib2 | 1.4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6997D8-C9BF-4E5F-BD99-CEEDD8CEBAB7",
"versionEndIncluding": "1.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77B82E04-D219-4F39-BADD-CFAC50B29831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5226AA6-9816-46EF-A6A3-3F96889947B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F57C34FD-CBD9-4FD7-98AB-8D9070BDAEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9339D529-EC82-4DC9-B5A3-FBB33D5244B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1967608B-F636-43C2-9C10-56A36484FF09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to \"several heap and stack based buffer overflows - partly due to integer overflows.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en mlib2 anterior a v1.4.2 tienen un impacto y vectores de ataque desconocidos."
}
],
"id": "CVE-2008-6079",
"lastModified": "2024-11-21T00:55:37.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-02-06T11:30:00.360",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32354"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39340"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/project/shownotes.php?release_id=634778"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2029"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31880"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2898"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0803"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/shownotes.php?release_id=634778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46037"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-07 00:07
Modified
2024-11-21 00:16
Severity ?
Summary
loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.0 | |
| enlightenment | imlib2 | 1.0.1 | |
| enlightenment | imlib2 | 1.0.2 | |
| enlightenment | imlib2 | 1.0.3 | |
| enlightenment | imlib2 | 1.0.4 | |
| enlightenment | imlib2 | 1.0.5 | |
| enlightenment | imlib2 | 1.1 | |
| enlightenment | imlib2 | 1.1.1 | |
| enlightenment | imlib2 | 1.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77B82E04-D219-4F39-BADD-CFAC50B29831",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808."
},
{
"lang": "es",
"value": "loader_tga.c en imlib2 anterior a 1.2.1, y posiblemenet otras versiones, permite a un atacante remoto con la intervenci\u00f3n de un usuario provocar denegaci\u00f3n de servicio (caida) a trav\u00e9s de im\u00e1genes TGA manipuladas que disparan una lectura de memoria fuera de rango, un asunto diferente que el CVE-2006-4808."
}
],
"id": "CVE-2006-4807",
"lastModified": "2024-11-21T00:16:48.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-11-07T00:07:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/30102"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30066"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 do not include imlib2.",
"lastModified": "2006-11-22T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-13 16:59
Modified
2024-11-21 02:21
Severity ?
Summary
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| enlightenment | imlib2 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2E2212-1CC0-45B9-8795-3F98FA80B912",
"versionEndIncluding": "1.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file."
},
{
"lang": "es",
"value": "imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) a trav\u00e9s de un archivo GIF manipulado."
}
],
"id": "CVE-2014-9764",
"lastModified": "2024-11-21T02:21:37.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-13T16:59:03.563",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90962"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=1f9b0b32728803a1578e658cd0955df773e34f49"
},
{
"source": "cve@mitre.org",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=1f9b0b32728803a1578e658cd0955df773e34f49"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-09 18:15
Modified
2024-11-21 05:00
Severity ?
Summary
modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| enlightenment | imlib2 | 1.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "838D64A8-18DE-4FB1-933E-9564B7B55EC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map."
},
{
"lang": "es",
"value": "El archivo modules/loaders/loader_ico.c en imlib2 versi\u00f3n 1.6.0, presenta un desbordamiento de enteros (con unas asignaciones de memoria no v\u00e1lidas resultantes y lecturas fuera de l\u00edmites) por medio de un icono con muchos colores en su mapa de colores."
}
],
"id": "CVE-2020-12761",
"lastModified": "2024-11-21T05:00:13.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-09T18:15:11.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2004-0827
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vupen.com/english/advisories/2008/0412 | vdb-entry, x_refsource_VUPEN | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.debian.org/security/2004/dsa-547 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2004-494.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2004-480.html | vendor-advisory, x_refsource_REDHAT | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1 | vendor-advisory, x_refsource_SUNALERT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17173 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/28800 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11123",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28800"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11123",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28800"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11123",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28800"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0827",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-02T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4806
Vulnerability from cvelistv5
Published
2006-11-07 00:00
Modified
2024-08-07 19:23
Severity ?
EPSS score ?
Summary
Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "30106",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30106"
},
{
"name": "30109",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30109"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"name": "30108",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30108"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "30105",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30105"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "30107",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30107"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"name": "imlib2-load-overflow(30064)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "30106",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30106"
},
{
"name": "30109",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30109"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"name": "30108",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30108"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "30105",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30105"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "30107",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30107"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
},
{
"name": "imlib2-load-overflow(30064)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30064"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-4806",
"datePublished": "2006-11-07T00:00:00",
"dateReserved": "2006-09-15T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0817
Vulnerability from cvelistv5
Published
2004-09-17 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2004-465.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2004/dsa-548 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:089 | vendor-advisory, x_refsource_MANDRAKE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17182 | vdb-entry, x_refsource_XF | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.securityfocus.com/bid/11084 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:465",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0817",
"datePublished": "2004-09-17T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4024
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227 | x_refsource_CONFIRM | |
| https://sourceforge.net/p/enlightenment/mailman/message/35055012/ | mailing-list, x_refsource_MLIST | |
| https://security.gentoo.org/glsa/201611-12 | vendor-advisory, x_refsource_GENTOO | |
| http://www.debian.org/security/2016/dsa-3555 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securitytracker.com/id/1035573 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/86073 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "1035573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035573"
},
{
"name": "86073",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/86073"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "1035573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035573"
},
{
"name": "86073",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/86073"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-4024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=7eba2e4c8ac0e20838947f10f29d0efe1add8227"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"refsource": "MLIST",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "GLSA-201611-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3555",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "1035573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035573"
},
{
"name": "86073",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86073"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2016-4024",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-04-14T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9763
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201611-12 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/90955 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2016/dsa-3537 | vendor-advisory, x_refsource_DEBIAN | |
| https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=c21beaf1780cf3ca291735ae7d58a3dde63277a2 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "90955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90955"
},
{
"name": "DSA-3537",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=c21beaf1780cf3ca291735ae7d58a3dde63277a2"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "90955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90955"
},
{
"name": "DSA-3537",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=c21beaf1780cf3ca291735ae7d58a3dde63277a2"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9763",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "GLSA-201611-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "90955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90955"
},
{
"name": "DSA-3537",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=c21beaf1780cf3ca291735ae7d58a3dde63277a2",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=c21beaf1780cf3ca291735ae7d58a3dde63277a2"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9763",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0991
Vulnerability from cvelistv5
Published
2010-04-22 14:00
Modified
2024-08-07 01:06
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/39354 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/510866/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2010/0959 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/secunia_research/2010-54/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:06:52.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39354"
},
{
"name": "20100421 Secunia Research: imlib2 \"IMAGE_DIMENSIONS_OK()\" Logic Error",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510866/100/0/threaded"
},
{
"name": "ADV-2010-0959",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0959"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2010-54/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "39354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39354"
},
{
"name": "20100421 Secunia Research: imlib2 \"IMAGE_DIMENSIONS_OK()\" Logic Error",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510866/100/0/threaded"
},
{
"name": "ADV-2010-0959",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0959"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2010-54/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-0991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39354"
},
{
"name": "20100421 Secunia Research: imlib2 \"IMAGE_DIMENSIONS_OK()\" Logic Error",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510866/100/0/threaded"
},
{
"name": "ADV-2010-0959",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0959"
},
{
"name": "http://secunia.com/secunia_research/2010-54/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-54/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2010-0991",
"datePublished": "2010-04-22T14:00:00",
"dateReserved": "2010-03-18T00:00:00",
"dateUpdated": "2024-08-07T01:06:52.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5187
Vulnerability from cvelistv5
Published
2008-11-21 02:00
Modified
2024-08-07 10:40
Severity ?
EPSS score ?
Summary
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2009:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:019"
},
{
"name": "DSA-1672",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1672"
},
{
"name": "32949",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32949"
},
{
"name": "[oss-security] 20081120 CVE Request: imlib2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/5"
},
{
"name": "32963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32963"
},
{
"name": "33323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33323"
},
{
"name": "USN-683-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-683-1"
},
{
"name": "49970",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49970"
},
{
"name": "32796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32796"
},
{
"name": "SUSE-SR:2009:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "33568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33568"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15"
},
{
"name": "32371",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32371"
},
{
"name": "GLSA-200812-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-23.xml"
},
{
"name": "ADV-2008-3212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3212"
},
{
"name": "32843",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32843"
},
{
"name": "FEDORA-2008-10296",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html"
},
{
"name": "FEDORA-2008-10287",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a \"pointer arithmetic error\" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-12-03T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2009:019",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:019"
},
{
"name": "DSA-1672",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1672"
},
{
"name": "32949",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32949"
},
{
"name": "[oss-security] 20081120 CVE Request: imlib2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/5"
},
{
"name": "32963",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32963"
},
{
"name": "33323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33323"
},
{
"name": "USN-683-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-683-1"
},
{
"name": "49970",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49970"
},
{
"name": "32796",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32796"
},
{
"name": "SUSE-SR:2009:002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "33568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33568"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15"
},
{
"name": "32371",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32371"
},
{
"name": "GLSA-200812-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200812-23.xml"
},
{
"name": "ADV-2008-3212",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3212"
},
{
"name": "32843",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32843"
},
{
"name": "FEDORA-2008-10296",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html"
},
{
"name": "FEDORA-2008-10287",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a \"pointer arithmetic error\" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2009:019",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:019"
},
{
"name": "DSA-1672",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1672"
},
{
"name": "32949",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32949"
},
{
"name": "[oss-security] 20081120 CVE Request: imlib2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/20/5"
},
{
"name": "32963",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32963"
},
{
"name": "33323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33323"
},
{
"name": "USN-683-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-683-1"
},
{
"name": "49970",
"refsource": "OSVDB",
"url": "http://osvdb.org/49970"
},
{
"name": "32796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32796"
},
{
"name": "SUSE-SR:2009:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
},
{
"name": "33568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33568"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15"
},
{
"name": "32371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32371"
},
{
"name": "GLSA-200812-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-23.xml"
},
{
"name": "ADV-2008-3212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3212"
},
{
"name": "32843",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32843"
},
{
"name": "FEDORA-2008-10296",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html"
},
{
"name": "FEDORA-2008-10287",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5187",
"datePublished": "2008-11-21T02:00:00",
"dateReserved": "2008-11-20T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0802
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
References
| ▼ | URL | Tags |
|---|---|---|
| http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup | x_refsource_MISC | |
| http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 | vendor-advisory, x_refsource_CONECTIVA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17183 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/11084 | vdb-entry, x_refsource_BID | |
| http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"name": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html",
"refsource": "CONFIRM",
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0802",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4809
Vulnerability from cvelistv5
Published
2006-11-07 00:00
Modified
2024-08-07 19:23
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "imlib2-loaderpnmc-bo(30070)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30070"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "30104",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30104"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "imlib2-loaderpnmc-bo(30070)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30070"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "30104",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30104"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-4809",
"datePublished": "2006-11-07T00:00:00",
"dateReserved": "2006-09-15T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12761
Vulnerability from cvelistv5
Published
2020-05-09 17:21
Modified
2024-08-04 12:04
Severity ?
EPSS score ?
Summary
modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-09T17:21:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12761",
"datePublished": "2020-05-09T17:21:51",
"dateReserved": "2020-05-09T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3993
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef | x_refsource_CONFIRM | |
| https://sourceforge.net/p/enlightenment/mailman/message/35055012/ | mailing-list, x_refsource_MLIST | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3555 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:32.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"refsource": "MLIST",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819818"
},
{
"name": "DSA-3555",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3993",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-04-10T00:00:00",
"dateUpdated": "2024-08-06T00:10:32.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-25450
Vulnerability from cvelistv5
Published
2024-02-09 00:00
Modified
2024-08-27 17:41
Severity ?
EPSS score ?
Summary
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/derf/feh/issues/712"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25450",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T17:40:58.974303Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T17:41:54.821Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts()."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T14:44:11.247050",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/derf/feh/issues/712"
},
{
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25450",
"datePublished": "2024-02-09T00:00:00",
"dateReserved": "2024-02-07T00:00:00",
"dateUpdated": "2024-08-27T17:41:54.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9771
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1324774 | x_refsource_CONFIRM | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3555 | vendor-advisory, x_refsource_DEBIAN | |
| https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9771",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1324774",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1324774"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820206"
},
{
"name": "DSA-3555",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=143f299"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9771",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-04-10T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-25447
Vulnerability from cvelistv5
Published
2024-02-09 00:00
Modified
2024-08-01 23:44
Severity ?
EPSS score ?
Summary
An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/derf/feh/issues/709"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T14:44:07.622791",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/derf/feh/issues/709"
},
{
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25447",
"datePublished": "2024-02-09T00:00:00",
"dateReserved": "2024-02-07T00:00:00",
"dateUpdated": "2024-08-01T23:44:09.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6079
Vulnerability from cvelistv5
Published
2009-02-06 11:00
Modified
2024-08-07 11:20
Severity ?
EPSS score ?
Summary
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."
References
| ▼ | URL | Tags |
|---|---|---|
| http://sourceforge.net/project/shownotes.php?release_id=634778 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2010/dsa-2029 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.vupen.com/english/advisories/2010/0803 | vdb-entry, x_refsource_VUPEN | |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46037 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/31880 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/32354 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2898 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/39340 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:24.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=634778"
},
{
"name": "DSA-2029",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2029"
},
{
"name": "ADV-2010-0803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0803"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469"
},
{
"name": "imlib2-multiple-unspecified(46037)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46037"
},
{
"name": "31880",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31880"
},
{
"name": "32354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32354"
},
{
"name": "ADV-2008-2898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2898"
},
{
"name": "39340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39340"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to \"several heap and stack based buffer overflows - partly due to integer overflows.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=634778"
},
{
"name": "DSA-2029",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2029"
},
{
"name": "ADV-2010-0803",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0803"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469"
},
{
"name": "imlib2-multiple-unspecified(46037)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46037"
},
{
"name": "31880",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31880"
},
{
"name": "32354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32354"
},
{
"name": "ADV-2008-2898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2898"
},
{
"name": "39340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39340"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to \"several heap and stack based buffer overflows - partly due to integer overflows.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=634778",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=634778"
},
{
"name": "DSA-2029",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2029"
},
{
"name": "ADV-2010-0803",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0803"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469"
},
{
"name": "imlib2-multiple-unspecified(46037)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46037"
},
{
"name": "31880",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31880"
},
{
"name": "32354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32354"
},
{
"name": "ADV-2008-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2898"
},
{
"name": "39340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39340"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6079",
"datePublished": "2009-02-06T11:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T11:20:24.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3994
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8 | x_refsource_CONFIRM | |
| https://sourceforge.net/p/enlightenment/mailman/message/35055012/ | mailing-list, x_refsource_MLIST | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3555 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:29.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=37a96801663b7b4cd3fbe56cc0eb8b6a17e766a8"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"refsource": "MLIST",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369"
},
{
"name": "DSA-3555",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3994",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-04-10T00:00:00",
"dateUpdated": "2024-08-06T00:17:29.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4808
Vulnerability from cvelistv5
Published
2006-11-07 00:00
Modified
2024-08-07 19:23
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "imlib2-loadertgac-bo(30068)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30068"
},
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "30103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30103"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "imlib2-loadertgac-bo(30068)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30068"
},
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "30103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30103"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-4808",
"datePublished": "2006-11-07T00:00:00",
"dateReserved": "2006-09-15T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9764
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/90962 | vdb-entry, x_refsource_BID | |
| https://security.gentoo.org/glsa/201611-12 | vendor-advisory, x_refsource_GENTOO | |
| http://www.debian.org/security/2016/dsa-3537 | vendor-advisory, x_refsource_DEBIAN | |
| https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=1f9b0b32728803a1578e658cd0955df773e34f49 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "90962",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90962"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3537",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=1f9b0b32728803a1578e658cd0955df773e34f49"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "90962",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90962"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3537",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=1f9b0b32728803a1578e658cd0955df773e34f49"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9764",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "90962",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90962"
},
{
"name": "GLSA-201611-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3537",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=1f9b0b32728803a1578e658cd0955df773e34f49",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=1f9b0b32728803a1578e658cd0955df773e34f49"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9764",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9762
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-06 13:55
Severity ?
EPSS score ?
Summary
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201611-12 | vendor-advisory, x_refsource_GENTOO | |
| http://www.debian.org/security/2016/dsa-3537 | vendor-advisory, x_refsource_DEBIAN | |
| https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/90959 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3537",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=39641e74a560982fbf93f29bf96b37d27803cb56"
},
{
"name": "90959",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90959"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "GLSA-201611-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3537",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=39641e74a560982fbf93f29bf96b37d27803cb56"
},
{
"name": "90959",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90959"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog"
},
{
"name": "GLSA-201611-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-12"
},
{
"name": "DSA-3537",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3537"
},
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=39641e74a560982fbf93f29bf96b37d27803cb56",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7\u0026id=39641e74a560982fbf93f29bf96b37d27803cb56"
},
{
"name": "90959",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90959"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9762",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-01-22T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4807
Vulnerability from cvelistv5
Published
2006-11-07 00:00
Modified
2024-08-07 19:23
Severity ?
EPSS score ?
Summary
loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "30102",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30102"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "imlib2-loadertgac-dos(30066)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30066"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "22932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22932"
},
{
"name": "MDKSA-2007:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:156"
},
{
"name": "22752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22752"
},
{
"name": "MDKSA-2006:198",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:198"
},
{
"name": "SUSE-SR:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"name": "30102",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30102"
},
{
"name": "20903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20903"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz"
},
{
"name": "USN-376-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-2"
},
{
"name": "GLSA-200612-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-20.xml"
},
{
"name": "ADV-2006-4349",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4349"
},
{
"name": "imlib2-loadertgac-dos(30066)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30066"
},
{
"name": "23441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23441"
},
{
"name": "22732",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22732"
},
{
"name": "22744",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22744"
},
{
"name": "USN-376-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-376-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-4807",
"datePublished": "2006-11-07T00:00:00",
"dateReserved": "2006-09-15T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-5326
Vulnerability from cvelistv5
Published
2016-05-13 16:00
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.
References
| ▼ | URL | Tags |
|---|---|---|
| https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882 | x_refsource_CONFIRM | |
| https://sourceforge.net/p/enlightenment/mailman/message/35055012/ | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2016/dsa-3555 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:47.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "DSA-3555",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414"
},
{
"name": "openSUSE-SU-2016:1330",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882",
"refsource": "CONFIRM",
"url": "https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c94d83ccab15d5ef02f88d42dce38ed3f0892882"
},
{
"name": "[Enlightenment-announce] 20160501 imlib2 1.4.9",
"refsource": "MLIST",
"url": "https://sourceforge.net/p/enlightenment/mailman/message/35055012/"
},
{
"name": "DSA-3555",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3555"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639414"
},
{
"name": "openSUSE-SU-2016:1330",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5326",
"datePublished": "2016-05-13T16:00:00",
"dateReserved": "2016-04-10T00:00:00",
"dateUpdated": "2024-08-07T00:30:47.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-25448
Vulnerability from cvelistv5
Published
2024-02-09 00:00
Modified
2024-08-19 16:21
Severity ?
EPSS score ?
Summary
An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/derf/feh/issues/711"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:enlightenment:imlib2:1.9.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "imlib2",
"vendor": "enlightenment",
"versions": [
{
"status": "affected",
"version": "1.9.1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-25448",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T16:20:13.523364Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T16:21:50.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-09T14:44:08.660429",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/derf/feh/issues/711"
},
{
"url": "https://git.enlightenment.org/old/legacy-imlib2/issues/20"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25448",
"datePublished": "2024-02-09T00:00:00",
"dateReserved": "2024-02-07T00:00:00",
"dateUpdated": "2024-08-19T16:21:50.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}