Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | imlib2 | < 1.10.0-4+deb12u1 | imlib2_1.10.0-4+deb12u1_all.deb |
Debian | 11 | all | imlib2 | < 1.7.1-2 | imlib2_1.7.1-2_all.deb |
Debian | 10 | all | imlib2 | < 1.5.1-1 | imlib2_1.5.1-1_all.deb |
Debian | 999 | all | imlib2 | < 1.12.1-1.1 | imlib2_1.12.1-1.1_all.deb |
Debian | 13 | all | imlib2 | < 1.12.1-1.1 | imlib2_1.12.1-1.1_all.deb |