Executive Summary
Information | |||
---|---|---|---|
Name | MDVSA-2009:286 | First vendor Publication | 2009-10-21 |
Vendor | Mandriva | Last vendor Modification | 2009-10-21 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Multiple vulnerabilities have been found and corrected in ocaml-camlimages: Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function (CVE-2009-2295). Multiple integer overflows in CamlImages 2.2 might allow context-dependent attackers to execute arbitrary code via images containing large width and height values that trigger a heap-based buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) crafted JPEG files (jpegread.c), a different vulnerability than CVE-2009-2295 (CVE-2009-2660). Multiple integer overflows in tiffread.c in CamlImages 2.2 might allow remote attackers to execute arbitrary code via TIFF images containing large width and height values that trigger heap-based buffer overflows (CVE-2009-3296). This update fixes these vulnerabilities. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:286 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:13502 | |||
Oval ID: | oval:org.mitre.oval:def:13502 | ||
Title: | DSA-1912-2 advi -- integer overflow | ||
Description: | Due to the fact that advi, an active DVI previewer and presenter, statically links against camlimages it was necessary to rebuild it in order to incorporate the latest security fixes for camlimages, which could lead to integer overflows via specially crafted TIFF files or GIF and JPEG images. For the stable distribution, these problems have been fixed in version 1.6.0-13+lenny2. Due to a bug in the archive system, the fix for the oldstable distribution cannot be released at the same time. These problems will be fixed in version 1.6.0-12+etch2, once it is available. For the testing distribution and the unstable distribution, these problems have been fixed in version 1.6.0-14+b1. We recommend that you upgrade your advi package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1912-2 CVE-2009-3296 CVE-2009-2660 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | advi |
Definition Id: oval:org.mitre.oval:def:13745 | |||
Oval ID: | oval:org.mitre.oval:def:13745 | ||
Title: | DSA-1912-1 camlimages -- integer overflow | ||
Description: | It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of TIFF files. It also expands the patch for CVE-2009-2660 to cover another potential overflow in the processing of JPEG images. For the oldstable distribution, this problem has been fixed in version 2.20-8+etch3. For the stable distribution, this problem has been fixed in version 1:2.2.0-4+lenny3. For the testing distribution and the unstable distribution, this problem will be fixed soon. We recommend that you upgrade your camlimages package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1912-1 CVE-2009-3296 CVE-2009-2660 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | camlimages |
Definition Id: oval:org.mitre.oval:def:7831 | |||
Oval ID: | oval:org.mitre.oval:def:7831 | ||
Title: | DSA-1832 camlimages -- integer overflow | ||
Description: | Tielei Wang discovered that CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1832 CVE-2009-2295 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | camlimages |
Definition Id: oval:org.mitre.oval:def:7833 | |||
Oval ID: | oval:org.mitre.oval:def:7833 | ||
Title: | DSA-1857 camlimages -- integer overflow | ||
Description: | Tielei Wang discovered that CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of JPEG and GIF Images, while DSA 1832-1 addressed the issue with PNG images. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1857 CVE-2009-2660 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | camlimages |
Definition Id: oval:org.mitre.oval:def:7956 | |||
Oval ID: | oval:org.mitre.oval:def:7956 | ||
Title: | DSA-1912 camlimages -- integer overflow | ||
Description: | It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of TIFF files. It also expands the patch for CVE-2009-2660 to cover another potential overflow in the processing of JPEG images. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1912 CVE-2009-3296 CVE-2009-2660 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | camlimages |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2011-03-09 | Name : Gentoo Security Advisory GLSA 201006-02 (camlimages) File : nvt/glsa_201006_02.nasl |
2009-11-17 | Name : Fedora Core 10 FEDORA-2009-10568 (ocaml-camlimages) File : nvt/fcore_2009_10568.nasl |
2009-11-17 | Name : Fedora Core 11 FEDORA-2009-10594 (ocaml-camlimages) File : nvt/fcore_2009_10594.nasl |
2009-10-27 | Name : Debian Security Advisory DSA 1912-2 (advi) File : nvt/deb_1912_2.nasl |
2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:286 (ocaml-camlimages) File : nvt/mdksa_2009_286.nasl |
2009-10-19 | Name : Debian Security Advisory DSA 1912-1 (camlimages) File : nvt/deb_1912_1.nasl |
2009-09-15 | Name : Fedora Core 10 FEDORA-2009-7491 (ocaml-camlimages) File : nvt/fcore_2009_7491.nasl |
2009-08-17 | Name : Debian Security Advisory DSA 1857-1 (camlimages) File : nvt/deb_1857_1.nasl |
2009-08-17 | Name : Fedora Core 11 FEDORA-2009-7494 (ocaml-camlimages) File : nvt/fcore_2009_7494.nasl |
2009-07-29 | Name : Debian Security Advisory DSA 1832-1 (camlimages) File : nvt/deb_1832_1.nasl |
2009-07-29 | Name : Ubuntu USN-799-1 (dbus) File : nvt/ubuntu_799_1.nasl |
2009-07-29 | Name : Ubuntu USN-801-1 (tiff) File : nvt/ubuntu_801_1.nasl |
2009-07-29 | Name : Ubuntu USN-802-1 (apache2) File : nvt/ubuntu_802_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59083 | CamlImages tiffread.c TIFF File Handling Multiple Overflows |
56794 | CamlImages jpegread.c JPEG File Handling Overflow |
56793 | CamlImages gifread.c GIF File Handling Overflow |
56092 | CamlImages PNG Handling Multiple Functions Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-06-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201006-02.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1832.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1857.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1912.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10568.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10594.nasl - Type : ACT_GATHER_INFO |
2009-09-14 | Name : The remote Fedora host is missing a security update. File : fedora_2009-7491.nasl - Type : ACT_GATHER_INFO |
2009-08-13 | Name : The remote Fedora host is missing a security update. File : fedora_2009-7494.nasl - Type : ACT_GATHER_INFO |