← back
CVE-2008-2426

CVE-2008-2426

EPSS 5.7%
Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_pnm.c; or (2) a crafted XPM image, related to the load function in src/modules/loader_xpm.c.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.htmlhttp://secunia.com/advisories/30401http://secunia.com/advisories/30485http://secunia.com/advisories/30572http://secunia.com/advisories/30727http://secunia.com/advisories/31982http://secunia.com/secunia_research/2008-25/advisory/http://securitytracker.com/id?1020146https://exchange.xforce.ibmcloud.com/vulnerabilities/42732https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00030.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-June/msg00052.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-June/msg00113.html