CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-6079

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile29.39th
Published2009年2月6日
Last Modified2026年4月23日

Vulnerability Description

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."

Affected Platforms (CPE)

📦
Enlightenment

Imlib2

<= 1.4.1
📦
Enlightenment

Imlib2

= 1.0
📦
Enlightenment

Imlib2

= 1.0.1
📦
Enlightenment

Imlib2

= 1.0.2
📦
Enlightenment

Imlib2

= 1.0.3
📦
Enlightenment

Imlib2

= 1.0.4
📦
Enlightenment

Imlib2

= 1.0.5
📦
Enlightenment

Imlib2

= 1.1
📦
Enlightenment

Imlib2

= 1.1.1
📦
Enlightenment

Imlib2

= 1.1.2
📦
Enlightenment

Imlib2

= 1.2.1
📦
Enlightenment

Imlib2

= 1.2.2
📦
Enlightenment

Imlib2

= 1.3.0
📦
Enlightenment

Imlib2

= 1.4.0

References & Advisories

🔗 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469
🔗 http://secunia.com/advisories/32354
🔗 http://secunia.com/advisories/39340
🔗 http://sourceforge.net/project/shownotes.php?release_id=634778
🔗 http://www.debian.org/security/2010/dsa-2029
🔗 http://www.securityfocus.com/bid/31880
🔗 http://www.vupen.com/english/advisories/2008/2898
🔗 http://www.vupen.com/english/advisories/2010/0803

関連する脆弱性情報

CVE-2016-40249.8

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions...

CVE-2008-24269.3

Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of serv...

CVE-2020-127619.1

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds ...

CVE-2016-39948.2

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive...