|
|
CVE Reference: CVE-2008-5187 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5187 |
|
|
Description: The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/USN-683-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html SAID Secunia Advisory: SA32796 Secunia Advisory: SA32843 Secunia Advisory: SA32949 Secunia Advisory: SA33323 Secunia Advisory: SA32963 Secunia Advisory: SA33568 OSVDB 49970 MLIST http://www.openwall.com/lists/oss-security/2008/11/20/5 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:019 GENTOO http://security.gentoo.org/glsa/glsa-200812-23.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1672 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15 BID 32371 |
|
| Return to the previous page. |
