imlib -- xpm heap buffer overflows and integer overflows
2004-12-06T00:00:00
ID 2001103A-6BBD-11D9-851D-000A95BC6FAE Type freebsd Reporter FreeBSD Modified 2004-12-06T00:00:00
Description
Pavel Kankovsky reports:
Imlib affected by a variant of CAN-2004-0782 too.
I've discovered more vulnerabilities in Imlib
(1.9.13). In particular, it appears to be affected by a
variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see
http://scary.beasts.org/security/CESA-2004-003.txt). Look
at the attached image, it kills ee on my 7.3.
The flaws also affect imlib2.
{"modified": "2004-12-06T00:00:00", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "edition": 1, "type": "freebsd", "reporter": "FreeBSD", "references": ["https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=138516", "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c#rev1.3", "https://bugzilla.fedora.us/show_bug.cgi?id=2051#c11"], "hashmap": [{"hash": "09b72754ab2b90c90264e698b0297eaa", "key": "affectedPackage"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "5e0058f9c6aa5c119a3a8c2444c24db7", "key": "cvelist"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "91daf1e8939761d79d9e5152cff8e595", "key": "description"}, {"hash": "c11570f3a902453852371be1e0215349", "key": "href"}, {"hash": "1fa3164b7235031e540d950c76960d6e", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "1fa3164b7235031e540d950c76960d6e", "key": "published"}, {"hash": "5d4980dc26f4864541e911433b005ec6", "key": "references"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "162427ac185134f51065d81e22f9f362", "key": "title"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "href": "https://vuxml.freebsd.org/freebsd/2001103a-6bbd-11d9-851d-000a95bc6fae.html", "description": "\nPavel Kankovsky reports:\n\nImlib affected by a variant of CAN-2004-0782 too.\nI've discovered more vulnerabilities in Imlib\n\t (1.9.13). In particular, it appears to be affected by a\n\t variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see\n\t http://scary.beasts.org/security/CESA-2004-003.txt). Look\n\t at the attached image, it kills ee on my 7.3.\n\nThe flaws also affect imlib2.\n", "id": "2001103A-6BBD-11D9-851D-000A95BC6FAE", "lastseen": "2016-09-26T17:25:17", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "hash": "b4f71deb17c70b7d16ca39177feb2beb33c4e1ec0fa40012cef06709a69312b7", "enchantments": {"vulnersScore": 7.5}, "bulletinFamily": "unix", "history": [], "published": "2004-12-06T00:00:00", "objectVersion": "1.2", "affectedPackage": [{"packageFilename": "UNKNOWN", "operator": "lt", "OS": "FreeBSD", "packageName": "imlib2", "OSVersion": "any", "packageVersion": "1.1.2_1", "arch": "noarch"}, {"packageFilename": "UNKNOWN", "operator": "lt", "OS": "FreeBSD", "packageName": "imlib", "OSVersion": "any", "packageVersion": "1.9.15_2", "arch": "noarch"}], "viewCount": 0, "title": "imlib -- xpm heap buffer overflows and integer overflows"}
{"result": {"cve": [{"id": "CVE-2004-1026", "type": "cve", "title": "CVE-2004-1026", "description": "Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.", "published": "2005-01-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1026", "cvelist": ["CVE-2004-1026"], "lastseen": "2017-10-11T11:05:59"}, {"id": "CVE-2004-1025", "type": "cve", "title": "CVE-2004-1025", "description": "Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.", "published": "2005-01-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1025", "cvelist": ["CVE-2004-1025"], "lastseen": "2017-10-11T11:05:59"}], "gentoo": [{"id": "GLSA-200412-03", "type": "gentoo", "title": "imlib: Buffer overflows in image decoding", "description": "### Background\n\nimlib is an advanced replacement library for image manipulation libraries like libXpm. It is called by numerous programs, including gkrellm and several window managers, to help in displaying images. \n\n### Description\n\nPavel Kankovsky discovered that several overflows found in the libXpm library (see GLSA 200409-34) also applied to imlib. He also fixed a number of other potential flaws. \n\n### Impact\n\nA remote attacker could entice a user to view a carefully-crafted image file, which would potentially lead to execution of arbitrary code with the rights of the user viewing the image. This affects any program that makes use of the imlib library. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll imlib users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/imlib-1.9.14-r3\"", "published": "2004-12-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/200412-03", "cvelist": ["CVE-2004-1026"], "lastseen": "2016-09-06T19:46:57"}, {"id": "GLSA-200501-19", "type": "gentoo", "title": "imlib2: Buffer overflows in image decoding", "description": "### Background\n\nimlib2 is an advanced replacement for image manipulation libraries such as libXpm. It is utilized by numerous programs, including gkrellm and several window managers, to display images. \n\n### Description\n\nPavel Kankovsky discovered that several buffer overflows found in the libXpm library (see GLSA 200409-34) also apply to imlib (see GLSA 200412-03) and imlib2. He also fixed a number of other potential security vulnerabilities. \n\n### Impact\n\nA remote attacker could entice a user to view a carefully-crafted image file, which would potentially lead to the execution of arbitrary code with the rights of the user viewing the image. This affects any program that utilizes of the imlib2 library. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll imlib2 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/imlib2-1.2.0\"", "published": "2005-01-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/200501-19", "cvelist": ["CVE-2004-1026"], "lastseen": "2016-09-06T19:46:27"}], "openvas": [{"id": "OPENVAS:54805", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200501-19 (imlib2)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200501-19.", "published": "2008-09-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=54805", "cvelist": ["CVE-2004-1026"], "lastseen": "2017-07-24T12:50:00"}, {"id": "OPENVAS:54762", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200412-03 (imlib)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200412-03.", "published": "2008-09-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=54762", "cvelist": ["CVE-2004-1026"], "lastseen": "2017-07-24T12:50:08"}, {"id": "OPENVAS:53466", "type": "openvas", "title": "Debian Security Advisory DSA 628-1 (imlib2)", "description": "The remote host is missing an update to imlib2\nannounced via advisory DSA 628-1.", "published": "2008-01-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=53466", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-07-24T12:49:54"}, {"id": "OPENVAS:53718", "type": "openvas", "title": "Debian Security Advisory DSA 618-1 (imlib)", "description": "The remote host is missing an update to imlib\nannounced via advisory DSA 618-1.", "published": "2008-01-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=53718", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-07-24T12:49:57"}, {"id": "OPENVAS:52220", "type": "openvas", "title": "FreeBSD Ports: imlib", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=52220", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-07-02T21:10:08"}], "nessus": [{"id": "GENTOO_GLSA-200501-19.NASL", "type": "nessus", "title": "GLSA-200501-19 : imlib2: Buffer overflows in image decoding", "description": "The remote host is affected by the vulnerability described in GLSA-200501-19 (imlib2: Buffer overflows in image decoding)\n\n Pavel Kankovsky discovered that several buffer overflows found in the libXpm library (see GLSA 200409-34) also apply to imlib (see GLSA 200412-03) and imlib2. He also fixed a number of other potential security vulnerabilities.\n Impact :\n\n A remote attacker could entice a user to view a carefully-crafted image file, which would potentially lead to the execution of arbitrary code with the rights of the user viewing the image. This affects any program that utilizes of the imlib2 library.\n Workaround :\n\n There is no known workaround at this time.", "published": "2005-02-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=16410", "cvelist": ["CVE-2004-1026"], "lastseen": "2017-10-29T13:44:35"}, {"id": "GENTOO_GLSA-200412-03.NASL", "type": "nessus", "title": "GLSA-200412-03 : imlib: Buffer overflows in image decoding", "description": "The remote host is affected by the vulnerability described in GLSA-200412-03 (imlib: Buffer overflows in image decoding)\n\n Pavel Kankovsky discovered that several overflows found in the libXpm library (see GLSA 200409-34) also applied to imlib. He also fixed a number of other potential flaws.\n Impact :\n\n A remote attacker could entice a user to view a carefully-crafted image file, which would potentially lead to execution of arbitrary code with the rights of the user viewing the image. This affects any program that makes use of the imlib library.\n Workaround :\n\n There is no known workaround at this time.", "published": "2004-12-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=15913", "cvelist": ["CVE-2004-1026"], "lastseen": "2018-01-13T00:54:58"}, {"id": "REDHAT-RHSA-2004-651.NASL", "type": "nessus", "title": "RHEL 2.1 / 3 : imlib (RHSA-2004:651)", "description": "Updated imlib packages that fix several integer and buffer overflows are now available.\n\n[Updated Dec 22, 2004] Added multilib packages to the Itanium, PPC, AMD64/Intel EM64T, and IBM eServer zSeries architectures for Red Hat Enterprise Linux version 3.\n\nThe imlib packages contain an image loading and rendering library.\n\nPavel Kankovsky discovered several heap overflow flaws that were found in the imlib image handler. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1025 to this issue.\n\nAdditionally, Pavel discovered several integer overflow flaws that were found in the imlib image handler. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code or crash when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1026 to this issue.\n\nUsers of imlib should update to these updated packages, which contain backported patches and are not vulnerable to this issue.", "published": "2004-12-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=15947", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:38:54"}, {"id": "DEBIAN_DSA-628.NASL", "type": "nessus", "title": "Debian DSA-628-1 : imlib2 - integer overflows", "description": "Pavel Kankovsky discovered that several overflows found in the libXpm library were also present in imlib and imlib2, imaging libraries for X11. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib or imlib2 to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CAN-2004-1025 Multiple heap-based buffer overflows. No such code is present in imlib2.\n\n - CAN-2004-1026\n\n Multiple integer overflows in the imlib library.", "published": "2005-01-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=16106", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:44:53"}, {"id": "UBUNTU_USN-53-1.NASL", "type": "nessus", "title": "Ubuntu 4.10 : imlib+png2 vulnerabilities (USN-53-1)", "description": "Pavel Kankovsky discovered several buffer overflows in imlib. If an attacker tricked a user into loading a malicious image, he could exploit this to execute arbitrary code in the context of the user opening the image.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2006-01-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=20671", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:44:39"}, {"id": "FREEBSD_PKG_2001103A6BBD11D9851D000A95BC6FAE.NASL", "type": "nessus", "title": "FreeBSD : imlib -- xpm heap buffer overflows and integer overflows (2001103a-6bbd-11d9-851d-000a95bc6fae)", "description": "Pavel Kankovsky reports :\n\nImlib affected by a variant of CAN-2004-0782 too.\n\nI've discovered more vulnerabilities in Imlib (1.9.13). In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt). Look at the attached image, it kills ee on my 7.3.\n\nThe flaws also affect imlib2.", "published": "2005-07-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=18864", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:36:14"}, {"id": "MANDRAKE_MDKSA-2005-007.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : imlib (MDKSA-2005:007)", "description": "Pavel Kankovsky discovered several heap overflow flaw in the imlib image handler. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code when the file was opened by a user (CVE-2004-1025).\n\nAs well, Pavel also discovered several integer overflows in imlib.\nThese could allow an attacker, creating a carefully crafted image file, to cause an application linked with imlib to execute arbitrary code or crash (CVE-2004-1026).\n\nThe updated packages have been patched to prevent these problems.", "published": "2005-01-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=16158", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:44:06"}, {"id": "DEBIAN_DSA-618.NASL", "type": "nessus", "title": "Debian DSA-618-1 : imlib - buffer overflows, integer overflows", "description": "Pavel Kankovsky discovered that several overflows found in the libXpm library were also present in imlib, an imaging library for X and X11.\nAn attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CAN-2004-1025 Multiple heap-based buffer overflows.\n\n - CAN-2004-1026\n\n Multiple integer overflows.", "published": "2004-12-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=16049", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:36:18"}, {"id": "UBUNTU_USN-55-1.NASL", "type": "nessus", "title": "Ubuntu 4.10 : imlib2 vulnerabilities (USN-55-1)", "description": "Recently, Pavel Kankovsky discovered several buffer overflows in imlib which were fixed in USN-53-1. It was found that imlib2 was vulnerable to similar issues.\n\nIf an attacker tricked a user into loading a malicious XPM or BMP image, he could exploit this to execute arbitrary code in the context of the user opening the image.\n\nThese vulnerabilities might also lead to privilege escalation if a privileged server process is using this library; for example, a PHP script on the web server which does automatic image processing might use the php-imlib package, in which case a remote attacker could possibly execute arbitrary code with the web server's privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2006-01-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=20673", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-10-29T13:36:08"}], "ubuntu": [{"id": "USN-55-1", "type": "ubuntu", "title": "imlib2 vulnerabilities", "description": "Recently, Pavel Kankovsky discovered several buffer overflows in imlib which were fixed in USN-53-1. It was found that imlib2 was vulnerable to similar issues.\n\nIf an attacker tricked a user into loading a malicious XPM or BMP image, he could exploit this to execute arbitrary code in the context of the user opening the image.\n\nThese vulnerabilities might also lead to privilege escalation if a privileged server process is using this library; for example, a PHP script on the web server which does automatic image processing might use the php-imlib package, in which case a remote attacker could possibly execute arbitrary code with the web server\u2019s privileges.", "published": "2005-01-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/55-1/", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2018-03-29T18:18:18"}, {"id": "USN-53-1", "type": "ubuntu", "title": "imlib vulnerabilities", "description": "Pavel Kankovsky discovered several buffer overflows in imlib. If an attacker tricked a user into loading a malicious image, he could exploit this to execute arbitrary code in the context of the user opening the image.", "published": "2004-12-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/53-1/", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2018-03-29T18:19:45"}], "debian": [{"id": "DSA-628", "type": "debian", "title": "imlib2 -- integer overflows", "description": "Pavel Kankovsky discovered that several overflows found in the libXpm library were also present in imlib and imlib2, imaging libraries for X11. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib or imlib2 to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CAN-2004-1025](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025>)\n\nMultiple heap-based buffer overflows. No such code is present in imlib2.\n\n * [CAN-2004-1026](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026>)\n\nMultiple integer overflows in the imlib library.\n\nFor the stable distribution (woody) these problems have been fixed in version 1.0.5-2woody2.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your imlib2 packages.", "published": "2005-01-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-628", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2016-09-02T18:25:58"}, {"id": "DSA-618", "type": "debian", "title": "imlib -- buffer overflows, integer overflows", "description": "Pavel Kankovsky discovered that several overflows found in the libXpm library were also present in imlib, an imaging library for X and X11. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CAN-2004-1025](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025>)\n\nMultiple heap-based buffer overflows.\n\n * [CAN-2004-1026](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026>)\n\nMultiple integer overflows.\n\nFor the stable distribution (woody) these problems have been fixed in version 1.9.14-2woody2.\n\nFor the unstable distribution (sid) these problems have been fixed in version 1.9.14-17.1 of imlib and in version 1.9.14-16.1 of imlib+png2 which produces the imlib1 package.\n\nWe recommend that you upgrade your imlib packages immediately.", "published": "2004-12-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-618", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2016-09-02T18:19:49"}], "redhat": [{"id": "RHSA-2004:651", "type": "redhat", "title": "(RHSA-2004:651) imlib security update", "description": "The imlib packages contain an image loading and rendering library.\n\nPavel Kankovsky discovered several heap overflow flaws that were found in\nthe imlib image handler. An attacker could create a carefully crafted image\nfile in such a way that it could cause an application linked with imlib to\nexecute arbitrary code when the file was opened by a victim. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-1025 to this issue.\n\nAdditionally, Pavel discovered several integer overflow flaws that were\nfound in the imlib image handler. An attacker could create a carefully\ncrafted image file in such a way that it could cause an application linked\nwith imlib to execute arbitrary code or crash when the file was opened by a\nvictim. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CAN-2004-1026 to this issue.\n\nUsers of imlib should update to these updated packages, which contain\nbackported patches and are not vulnerable to this issue.", "published": "2004-12-23T05:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2004:651", "cvelist": ["CVE-2004-1025", "CVE-2004-1026"], "lastseen": "2018-03-14T15:43:14"}], "osvdb": [{"id": "OSVDB:12843", "type": "osvdb", "title": "Imlib Image Decoding Multiple Unspecified Overflows", "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200501-19.xml)\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml)\n[Secunia Advisory ID:13381](https://secuniaresearch.flexerasoftware.com/advisories/13381/)\n[Secunia Advisory ID:13382](https://secuniaresearch.flexerasoftware.com/advisories/13382/)\n[Secunia Advisory ID:13667](https://secuniaresearch.flexerasoftware.com/advisories/13667/)\n[Secunia Advisory ID:13752](https://secuniaresearch.flexerasoftware.com/advisories/13752/)\n[Secunia Advisory ID:13435](https://secuniaresearch.flexerasoftware.com/advisories/13435/)\n[Secunia Advisory ID:13831](https://secuniaresearch.flexerasoftware.com/advisories/13831/)\n[Secunia Advisory ID:13395](https://secuniaresearch.flexerasoftware.com/advisories/13395/)\nRedHat RHSA: RHSA-2004:651\nOther Advisory URL: http://www.debian.org/security/2004/dsa-618\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200412-03.xml\nOther Advisory URL: http://www.securityfocus.com/advisories/7603\nOther Advisory URL: http://www.debian.org/security/2005/dsa-628\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:007\n[CVE-2004-1026](https://vulners.com/cve/CVE-2004-1026)\n[CVE-2004-1025](https://vulners.com/cve/CVE-2004-1025)\nBugtraq ID: 11830\n", "published": "2004-12-07T04:34:40", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/osvdb/OSVDB:12843", "cvelist": ["CVE-2004-1026", "CVE-2004-1025"], "lastseen": "2017-04-28T13:20:08"}]}}
