Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD910486D5-BA4D-11DD-8F23-0019666436C2
HistoryNov 20, 2008 - 12:00 a.m.

imlib2 -- XPM processing buffer overflow vulnerability

2008-11-2000:00:00
vuxml.freebsd.org
16

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON

Secunia reports:

A vulnerability has been discovered in imlib2, which can
be exploited by malicious people to potentially compromise
an application using the library.
The vulnerability is caused due to a pointer arithmetic
error within the “load()” function provided by the XPM
loader. This can be exploited to cause a heap-based buffer
overflow via a specially crafted XPM file.
Successful exploitation may allow execution of arbitrary
code.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchimlib2< 1.4.1.000_1,2UNKNOWN
FreeBSDanynoarchimlib2-nox11< 1.4.1.000_1,2UNKNOWN

Related

nessus 11
openvas 18
ubuntu 1
fedora 3
gentoo 1
debian 1
securityvulns 2
cve 1
nvd 1
ubuntucve 1
prion 1
cvelist 1
debiancve 1
nessus
nessus
Fedora 10 : imlib2-1.4.2-2.fc10 (2008-10364)
2009-04-23 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : imlib2 vulnerability (USN-683-1)
2009-04-23 00:00:00
openSUSE 10 Security Update : imlib2 (imlib2-5804)
2008-12-02 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:019 (imlib2)
2009-01-20 00:00:00
Ubuntu Update for imlib2 vulnerability USN-683-1
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200812-23 (imlib2)
2008-12-29 00:00:00
ubuntu
ubuntu
Imlib2 vulnerability
2008-12-02 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: imlib2-1.4.2-2.fc10
2008-11-26 06:21:47
[SECURITY] Fedora 9 Update: imlib2-1.4.2-2.fc9
2008-11-26 06:16:53
[SECURITY] Fedora 8 Update: imlib2-1.4.2-2.fc8
2008-11-26 06:17:17
gentoo
gentoo
Imlib2: User-assisted execution of arbitrary code
2008-12-23 00:00:00
debian
debian
[SECURITY] [DSA 1672-1] New imlib2 packages fix arbitrary code execution
2008-11-29 02:28:21
securityvulns
securityvulns
[Full-disclosure] [USN-683-1] Imlib2 vulnerability
2008-12-02 00:00:00
imlib2 library buffer overflow
2008-05-29 00:00:00
cve
cve
CVE-2008-5187
2008-11-21 02:30:00
nvd
nvd
CVE-2008-5187
2008-11-21 02:30:00
ubuntucve
ubuntucve
CVE-2008-5187
2008-11-21 00:00:00
prion
prion
Heap overflow
2008-11-21 02:30:00
cvelist
cvelist
CVE-2008-5187
2008-11-21 02:00:00
debiancve
debiancve
CVE-2008-5187
2008-11-21 02:30:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.6%

JSON
Related for 910486D5-BA4D-11DD-8F23-0019666436C2
nessus11openvas18ubuntu1fedora3gentoo1debian1securityvulns2cve1nvd1ubuntucve1prion1cvelist1debiancve1