cvelistv5 - cve-2002-0168

cve-2002-0168

Vulnerability from cvelistv5

Published

2002-06-25 04:00

Modified

2024-08-08 02:42

Severity ?

Summary

Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470
cve@mitre.org	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php
cve@mitre.org	http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-048.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/4336
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-048.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4336

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:42:27.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "4336",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4336"
          },
          {
            "name": "SuSE-SA:2002:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
          },
          {
            "name": "RHSA-2002:048",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
          },
          {
            "name": "MDKSA-2002:029",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
          },
          {
            "name": "CSSA-2002-019.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
          },
          {
            "name": "CLA-2002:470",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-06-16T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "4336",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4336"
        },
        {
          "name": "SuSE-SA:2002:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
        },
        {
          "name": "RHSA-2002:048",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
        },
        {
          "name": "MDKSA-2002:029",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
        },
        {
          "name": "CSSA-2002-019.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
        },
        {
          "name": "CLA-2002:470",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0168",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "4336",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4336"
            },
            {
              "name": "SuSE-SA:2002:015",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
            },
            {
              "name": "RHSA-2002:048",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
            },
            {
              "name": "MDKSA-2002:029",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
            },
            {
              "name": "CSSA-2002-019.0",
              "refsource": "CALDERA",
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
            },
            {
              "name": "CLA-2002:470",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0168",
    "datePublished": "2002-06-25T04:00:00",
    "dateReserved": "2002-04-10T00:00:00",
    "dateUpdated": "2024-08-08T02:42:27.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC774637-8B95-4C69-8665-86A67EAEBB24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9928B65C-A2F3-4D95-9A73-6DE4415463B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"072BDD6E-D815-4996-B78C-42502FB8BE05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE9D28DB-FFC6-4C7F-89F6-85740B239271\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"988CDE52-220B-489D-9644-94CC5274E678\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B49B4277-ECFD-4568-94C1-6E02BF238A2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"882A873F-D3D3-4E11-9C6B-B45C53672711\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DA760F0-EFA2-4B4E-BB95-8FD857CD3250\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C72DEC7-5558-4121-89CE-6E9B382C849E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6880B01C-0804-4CCF-9916-89807BBD4C8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FE16231-4FB4-4D30-BE83-AD400E357280\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27937897-40B1-4D86-AFF0-ACA1B7F7A33E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A533869A-BAF1-4A26-AD33-0C4B6A62AA65\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en Imlib antes de 1.9.13 permiten a atacantes causar una denegaci\\u00f3n de servicio (ca\\u00edda) y posiblemente ejecutar c\\u00f3digo arbitrario manipulando argumentos que se pasan a malloc(), lo que produce corrupci\\u00f3n el el mont\\u00f3n (heap).\"}]",
      "id": "CVE-2002-0168",
      "lastModified": "2024-11-20T23:38:28.060",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2002-04-22T04:00:00.000",
      "references": "[{\"url\": \"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2002-048.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/4336\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2002-048.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/4336\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-0168\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-04-22T04:00:00.000\",\"lastModified\":\"2024-11-20T23:38:28.060\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en Imlib antes de 1.9.13 permiten a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario manipulando argumentos que se pasan a malloc(), lo que produce corrupci\u00f3n el el mont\u00f3n (heap).\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC774637-8B95-4C69-8665-86A67EAEBB24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9928B65C-A2F3-4D95-9A73-6DE4415463B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"072BDD6E-D815-4996-B78C-42502FB8BE05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE9D28DB-FFC6-4C7F-89F6-85740B239271\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"988CDE52-220B-489D-9644-94CC5274E678\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B49B4277-ECFD-4568-94C1-6E02BF238A2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"882A873F-D3D3-4E11-9C6B-B45C53672711\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DA760F0-EFA2-4B4E-BB95-8FD857CD3250\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C72DEC7-5558-4121-89CE-6E9B382C849E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6880B01C-0804-4CCF-9916-89807BBD4C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE16231-4FB4-4D30-BE83-AD400E357280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27937897-40B1-4D86-AFF0-ACA1B7F7A33E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A533869A-BAF1-4A26-AD33-0C4B6A62AA65\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-048.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/4336\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2002-048.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/4336\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2002-0168

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2002-0168

Aliases

CVE-2002-0168

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-0168",
    "description": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.",
    "id": "GSD-2002-0168",
    "references": [
      "https://access.redhat.com/errata/RHSA-2002:048"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-0168"
      ],
      "details": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.",
      "id": "GSD-2002-0168",
      "modified": "2023-12-13T01:24:06.711687Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-0168",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "4336",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/4336"
          },
          {
            "name": "SuSE-SA:2002:015",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
          },
          {
            "name": "RHSA-2002:048",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
          },
          {
            "name": "MDKSA-2002:029",
            "refsource": "MANDRAKE",
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
          },
          {
            "name": "CSSA-2002-019.0",
            "refsource": "CALDERA",
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
          },
          {
            "name": "CLA-2002:470",
            "refsource": "CONECTIVA",
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0168"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2002:048",
              "refsource": "REDHAT",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
            },
            {
              "name": "CLA-2002:470",
              "refsource": "CONECTIVA",
              "tags": [],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
            },
            {
              "name": "CSSA-2002-019.0",
              "refsource": "CALDERA",
              "tags": [],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
            },
            {
              "name": "MDKSA-2002:029",
              "refsource": "MANDRAKE",
              "tags": [],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
            },
            {
              "name": "SuSE-SA:2002:015",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
            },
            {
              "name": "4336",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/4336"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2008-09-11T00:00Z",
      "publishedDate": "2002-04-22T04:00Z"
    }
  }
}

rhsa-2002:048

Vulnerability from csaf_redhat

Published

2002-03-21 15:48

Modified

2024-11-21 22:19

Summary

Red Hat Security Advisory: : New imlib packages available

Notes

Topic

Updated imlib packages are now available for Red Hat Linux 6.2, 7, 7.1 and 7.2 which fix potential problems loading untrusted images.

Details

Imlib versions prior to 1.9.13 would fall back to loading images via the NetPBM package, which has various problems making it unsuitable for loading untrusted images. Imlib 1.9.13 also fixes various problems in arguments passed to malloc(). These problems may allow attackers to construct images that, when loaded by a viewer using Imlib, could cause crashes or potentially the execution of arbitrary code. Users are advised to upgrade to these errata packages, which contain Imlib 1.9.13. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2002-0167, CAN-2002-0168 to these issues. [update May 16 2002] The previous release of this errata fixed the aforementioned security problems but had a file descriptor leak and a bug which would cause some applications (such as the Enlightenment window manager) to hang. These updated packages fix these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated imlib packages are now available for Red Hat Linux 6.2, 7,\n7.1 and 7.2 which fix potential problems loading untrusted images.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Imlib versions prior to 1.9.13 would fall back to loading images\nvia the NetPBM package, which has various problems making it\nunsuitable for loading untrusted images. Imlib 1.9.13 also fixes\nvarious problems in arguments passed to malloc().\n\nThese problems may allow attackers to construct images that,\nwhen loaded by a viewer using Imlib, could cause crashes \nor potentially the execution of arbitrary code.\n\nUsers are advised to upgrade to these errata packages, which\ncontain Imlib 1.9.13.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the names CAN-2002-0167, CAN-2002-0168 to these issues.\n\n[update May 16 2002]\nThe previous release of this errata fixed the aforementioned security\nproblems but had a file descriptor leak and a bug which would cause some\napplications (such as the Enlightenment window manager) to hang. These\nupdated packages fix these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:048",
        "url": "https://access.redhat.com/errata/RHSA-2002:048"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_048.json"
      }
    ],
    "title": "Red Hat Security Advisory: : New imlib packages available",
    "tracking": {
      "current_release_date": "2024-11-21T22:19:20+00:00",
      "generator": {
        "date": "2024-11-21T22:19:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:048",
      "initial_release_date": "2002-03-21T15:48:00+00:00",
      "revision_history": [
        {
          "date": "2002-03-21T15:48:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:19:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 6.2",
                "product": {
                  "name": "Red Hat Linux 6.2",
                  "product_id": "Red Hat Linux 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:6.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.0",
                "product": {
                  "name": "Red Hat Linux 7.0",
                  "product_id": "Red Hat Linux 7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.2",
                "product": {
                  "name": "Red Hat Linux 7.2",
                  "product_id": "Red Hat Linux 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0167",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616750"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0167"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616750",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616750"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0167",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0167"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0167",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0167"
        }
      ],
      "release_date": "2002-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-21T15:48:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:048"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0168",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616751"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616751",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616751"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168"
        }
      ],
      "release_date": "2002-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-21T15:48:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:048"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}

RHSA-2002:048

Vulnerability from csaf_redhat

Published

2002-03-21 15:48

Modified

2024-11-21 22:19

Summary

Red Hat Security Advisory: : New imlib packages available

Notes

Topic

Updated imlib packages are now available for Red Hat Linux 6.2, 7, 7.1 and 7.2 which fix potential problems loading untrusted images.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated imlib packages are now available for Red Hat Linux 6.2, 7,\n7.1 and 7.2 which fix potential problems loading untrusted images.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Imlib versions prior to 1.9.13 would fall back to loading images\nvia the NetPBM package, which has various problems making it\nunsuitable for loading untrusted images. Imlib 1.9.13 also fixes\nvarious problems in arguments passed to malloc().\n\nThese problems may allow attackers to construct images that,\nwhen loaded by a viewer using Imlib, could cause crashes \nor potentially the execution of arbitrary code.\n\nUsers are advised to upgrade to these errata packages, which\ncontain Imlib 1.9.13.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the names CAN-2002-0167, CAN-2002-0168 to these issues.\n\n[update May 16 2002]\nThe previous release of this errata fixed the aforementioned security\nproblems but had a file descriptor leak and a bug which would cause some\napplications (such as the Enlightenment window manager) to hang. These\nupdated packages fix these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:048",
        "url": "https://access.redhat.com/errata/RHSA-2002:048"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_048.json"
      }
    ],
    "title": "Red Hat Security Advisory: : New imlib packages available",
    "tracking": {
      "current_release_date": "2024-11-21T22:19:20+00:00",
      "generator": {
        "date": "2024-11-21T22:19:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:048",
      "initial_release_date": "2002-03-21T15:48:00+00:00",
      "revision_history": [
        {
          "date": "2002-03-21T15:48:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:19:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 6.2",
                "product": {
                  "name": "Red Hat Linux 6.2",
                  "product_id": "Red Hat Linux 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:6.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.0",
                "product": {
                  "name": "Red Hat Linux 7.0",
                  "product_id": "Red Hat Linux 7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.2",
                "product": {
                  "name": "Red Hat Linux 7.2",
                  "product_id": "Red Hat Linux 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0167",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616750"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0167"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616750",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616750"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0167",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0167"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0167",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0167"
        }
      ],
      "release_date": "2002-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-21T15:48:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:048"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0168",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616751"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616751",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616751"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168"
        }
      ],
      "release_date": "2002-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-21T15:48:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:048"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}

rhsa-2002_048

Vulnerability from csaf_redhat

Published

2002-03-21 15:48

Modified

2024-11-21 22:19

Summary

Red Hat Security Advisory: : New imlib packages available

Notes

Topic

Updated imlib packages are now available for Red Hat Linux 6.2, 7, 7.1 and 7.2 which fix potential problems loading untrusted images.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated imlib packages are now available for Red Hat Linux 6.2, 7,\n7.1 and 7.2 which fix potential problems loading untrusted images.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Imlib versions prior to 1.9.13 would fall back to loading images\nvia the NetPBM package, which has various problems making it\nunsuitable for loading untrusted images. Imlib 1.9.13 also fixes\nvarious problems in arguments passed to malloc().\n\nThese problems may allow attackers to construct images that,\nwhen loaded by a viewer using Imlib, could cause crashes \nor potentially the execution of arbitrary code.\n\nUsers are advised to upgrade to these errata packages, which\ncontain Imlib 1.9.13.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the names CAN-2002-0167, CAN-2002-0168 to these issues.\n\n[update May 16 2002]\nThe previous release of this errata fixed the aforementioned security\nproblems but had a file descriptor leak and a bug which would cause some\napplications (such as the Enlightenment window manager) to hang. These\nupdated packages fix these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:048",
        "url": "https://access.redhat.com/errata/RHSA-2002:048"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_048.json"
      }
    ],
    "title": "Red Hat Security Advisory: : New imlib packages available",
    "tracking": {
      "current_release_date": "2024-11-21T22:19:20+00:00",
      "generator": {
        "date": "2024-11-21T22:19:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:048",
      "initial_release_date": "2002-03-21T15:48:00+00:00",
      "revision_history": [
        {
          "date": "2002-03-21T15:48:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:19:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Linux 6.2",
                "product": {
                  "name": "Red Hat Linux 6.2",
                  "product_id": "Red Hat Linux 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:6.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.0",
                "product": {
                  "name": "Red Hat Linux 7.0",
                  "product_id": "Red Hat Linux 7.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.1",
                "product": {
                  "name": "Red Hat Linux 7.1",
                  "product_id": "Red Hat Linux 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux 7.2",
                "product": {
                  "name": "Red Hat Linux 7.2",
                  "product_id": "Red Hat Linux 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:linux:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0167",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616750"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0167"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616750",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616750"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0167",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0167"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0167",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0167"
        }
      ],
      "release_date": "2002-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-21T15:48:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:048"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0168",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616751"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Linux 6.2",
          "Red Hat Linux 7.0",
          "Red Hat Linux 7.1",
          "Red Hat Linux 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616751",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616751"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168"
        }
      ],
      "release_date": "2002-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-03-21T15:48:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade.  Only those\nRPMs which are currently installed will be updated.  Those RPMs which are\nnot installed but included in the list will not be updated.  Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains\nthe desired RPMs.\n\nPlease note that this update is also available via Red Hat Network.  Many\npeople find this an easier way to apply updates.  To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Linux 6.2",
            "Red Hat Linux 7.0",
            "Red Hat Linux 7.1",
            "Red Hat Linux 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:048"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}

fkie_cve-2002-0168

Vulnerability from fkie_nvd

Published

2002-04-22 04:00

Modified

2024-11-20 23:38

Severity ?

Summary

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470
cve@mitre.org	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php
cve@mitre.org	http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-048.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/4336
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-048.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4336

Impacted products

Vendor	Product	Version
enlightenment	imlib	1.9
enlightenment	imlib	1.9.1
enlightenment	imlib	1.9.2
enlightenment	imlib	1.9.3
enlightenment	imlib	1.9.4
enlightenment	imlib	1.9.5
enlightenment	imlib	1.9.6
enlightenment	imlib	1.9.7
enlightenment	imlib	1.9.8
enlightenment	imlib	1.9.9
enlightenment	imlib	1.9.10
enlightenment	imlib	1.9.11
enlightenment	imlib	1.9.12

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en Imlib antes de 1.9.13 permiten a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario manipulando argumentos que se pasan a malloc(), lo que produce corrupci\u00f3n el el mont\u00f3n (heap)."
    }
  ],
  "id": "CVE-2002-0168",
  "lastModified": "2024-11-20T23:38:28.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-04-22T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/4336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/4336"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-g967-wq9p-hfrq

Vulnerability from github

Published

2022-05-03 03:07

Modified

2022-05-03 03:07

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-0168"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-04-22T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.",
  "id": "GHSA-g967-wq9p-hfrq",
  "modified": "2022-05-03T03:07:49Z",
  "published": "2022-05-03T03:07:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0168"
    },
    {
      "type": "WEB",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000470"
    },
    {
      "type": "WEB",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-048.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/4336"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2002-0168

Vulnerability from cvelistv5

gsd-2002-0168

Vulnerability from gsd

rhsa-2002:048

Vulnerability from csaf_redhat

RHSA-2002:048

Vulnerability from csaf_redhat

rhsa-2002_048

Vulnerability from csaf_redhat

fkie_cve-2002-0168

Vulnerability from fkie_nvd

ghsa-g967-wq9p-hfrq

Vulnerability from github

Tags

Sightings

Nomenclature