Lucene search
RootSSV:4660HistoryJan 15, 2009 - 12:00 a.m.
DevIL RGBE文件解析栈溢出漏洞
2009-01-1500:00:00
Root
www.seebug.org
5
0.012 Low
EPSS
Percentile
83.7%
BUGTRAQ ID: 33231
CVE(CAN) ID: CVE-2008-5262
DevIL是Developer’s Image Library是缩写,是用于开发具有图形加载功能应用程序的程序员用函数库。
DevIL库的src-IL/src/il_hdr.c文件中的iGetHdrHeader()函数存在栈溢出漏洞。如果用户受骗加载了特制的Radiance RGBE文件,就可以触发这个溢出,导致执行任意代码。
DevIL 1.7.4
DevIL
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://openil.sourceforge.net/” target=“_blank”>http://openil.sourceforge.net/</a>
Related
prion
prion
Stack overflow
2009-01-13 17:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: DevIL-1.7.5-2.fc10
2009-01-21 21:39:47
[SECURITY] Fedora 9 Update: DevIL-1.7.5-2.fc9
2009-01-21 21:39:04
securityvulns
securityvulns
Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities
2009-01-13 00:00:00
DevIL library buffer overflow
2009-01-13 00:00:00
debiancve
debiancve
CVE-2008-5262
2009-01-13 17:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-0867 (DevIL)
2009-01-26 00:00:00
Debian Security Advisory DSA 1717-1 (devil)
2009-02-10 00:00:00
Debian: Security Advisory (DSA-1717-1)
2009-02-10 00:00:00
gentoo
gentoo
DevIL: User-assisted execution of arbitrary code
2009-03-06 00:00:00
nessus
nessus
Fedora 10 : DevIL-1.7.5-2.fc10 (2009-0867)
2009-04-23 00:00:00
Debian DSA-1717-1 : devil - buffer overflow
2009-02-09 00:00:00
GLSA-200903-04 : DevIL: User-assisted execution of arbitrary code
2009-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2008-5262
2009-01-13 00:00:00
cve
cve
CVE-2008-5262
2009-01-13 17:00:00
debian
debian
[SECURITY] [DSA 1717-1] New devil packages fix buffer overflow
2009-02-05 06:30:23
[SECURITY] [DSA 1717-1] New devil packages fix buffer overflow
2009-02-05 06:30:36