Executive Summary
| Summary | |
|---|---|
| Title | imlib2 vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | USN-376-1 | First vendor Publication | 2006-11-03 |
| Vendor | Ubuntu | Last vendor Modification | 2006-11-03 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5.1 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | High |
| Cvss Expoit Score | 4.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: Ubuntu 6.06 LTS: Ubuntu 6.10: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges. |
Original Source
| Url : http://www.ubuntu.com/usn/USN-376-1 |
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200612-20 (imlib2) File : nvt/glsa_200612_20.nasl |
| 2008-09-04 | Name : FreeBSD Ports: imlib2 File : nvt/freebsd_imlib20.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 30109 | imlib2 loader_tiff.c TIFF Image Handling Overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_tiff.c' during the processing of TIFF images, and will result in loss of availability for the service. |
| 30108 | imlib2 loader_jpeg.c JPEG Image Handling Overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_jpeg.c' during the processing of JPEG images, and will result in loss of availability for the service. |
| 30107 | imlib2 loader_lbm.c LBM Image Handling Overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_lbm.c' during the processing of LBM images, and will result in loss of availability for the service. |
| 30106 | imlib2 loader_png.c PNG Image Handling overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_png.c' during the processing of PNG images, and will result in loss of availability for the service. |
| 30105 | imlib2 loader_argb.c ARGB Image Handling Overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_argb.c' during the processing of ARGB images, and will result in loss of availability for the service. |
| 30104 | imlib2 loader_pnm.c PNM Image Handling Overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_pnm.c' 'during the processing of PNM images, and will result in loss of availability for the service. |
| 30103 | imlib2 loader_tga.c TGA Image Handling Overflow Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_tga.c' during the processing of TGA images, and will result in loss of availability for the service. |
| 30102 | imlib2 loader_tga.c TGA Image Handling Memory Read DoS Imlib2 contains a flaw that may allow a remote denial of service. The issue is triggered due to unspecified errors in 'loader_tga.c' 'during the processing of TGA images, and will result in loss of availability for the service |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2012-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_extras_2006-004.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-156.nasl - Type : ACT_GATHER_INFO |
| 2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_imlib2-loaders-2245.nasl - Type : ACT_GATHER_INFO |
| 2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_imlib2-loaders-2261.nasl - Type : ACT_GATHER_INFO |
| 2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-376-1.nasl - Type : ACT_GATHER_INFO |
| 2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-376-2.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_imlib2-loaders-2244.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_imlib2-loaders-2265.nasl - Type : ACT_GATHER_INFO |
| 2007-02-18 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-198.nasl - Type : ACT_GATHER_INFO |
| 2006-12-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200612-20.nasl - Type : ACT_GATHER_INFO |
| 2006-11-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_92442c4b6f4a11dbbd280012f06707f0.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:03:55 |
|
