USN-53-1: imlib vulnerabilities

Pavel Kankovsky discovered several buffer overflows in imlib. If an attacker tricked a user into loading a malicious image, he could exploit this to execute arbitrary code in the context of the user opening the image...

CVE-2004-1025

Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service application crash and execute arbitrary code via certain image files...

imlib -- xpm heap buffer overflows and integer overflows

Pavel Kankovsky reports: Imlib affected by a variant of CAN-2004-0782 too. I've discovered more vulnerabilities in Imlib 1.9.13. In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw 1 CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt. Look at the...

Fedora Core 2 : imlib-1.9.13-19 (2004-301)

Several heap overflow vulnerabilities have been found in the imlib BMP image handler. An attacker could create a carefully crafted BMP file in such a way that it would cause an application linked with imlib to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities...

Mandrake Linux Security Advisory : imlib (MDKSA-2002:029)

Previous versions of imlib, prior to 1.9.13, would fall back to the NetPBM library which is not suitable for loading untrusted images due to various problem in it's code. The new imlib also fixes some problems with arguments passed to malloc. These problems could allow attackers to construct imag...

[CLA-2002:470] Conectiva Linux Security Announcement - imlib

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : imlib SUMMARY : Potential vulnerabilities in imli...