
Ticket #136 (closed Bug: Fixed)

Opened 3 years ago

Last modified 3 years ago

imlib 1.4.2 security bug in XPM loader

Reported by: MarcusMeissner
Owned by:
Priority: Blocker
Milestone:
Component: imlib2
Keywords:
Cc:
Blocked By:
Blocking:

Description

Hi,

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15 has a pointer arithmetic problem + fix in the XPM loader, which might have security implications.

CVE Entry is:

Name: CVE-2008-5187
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187
Reference: MLIST:[oss-security] 20081120 CVE Request: imlib2
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/20/5
Reference: SECUNIA:32796
Reference: URL:http://secunia.com/advisories/32796

The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Attachments

imlib2-loader_xpm-CVE-2008-5187.patch (462 bytes) - added by MarcusMeissner 3 years ago.
fix for pointer arithmetic problem

Change History

Changed 3 years ago by MarcusMeissner

fix for pointer arithmetic problem

comment:1 Changed 3 years ago by mcalamelli

  • Status changed from new to closed
  • Resolution set to Fixed

Fixed by raster in r37744
