oss-sec mailing list archives
Re: CVE Request: imlib2
From: Nico Golde <oss-security+ml () ngolde de>
Date: Thu, 20 Nov 2008 15:37:38 +0100
Hi, * P??nar Yanarda?? <pinar () pardus org tr> [2008-11-20 14:29]:
---- *Description*: A vulnerability has been discovered in imlib2, which can be exploited by malicious people to potentially compromise an application using the library. The vulnerability is caused due to a pointer arithmetic error within the "load()" function provided by the XPM loader. This can be exploited to cause a heap-based buffer overflow via a specially crafted XPM file.
[...] Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15 Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE Request: imlib2 Pınar Yanardağ (Nov 20)
- Re: CVE Request: imlib2 Nico Golde (Nov 20)
- Re: CVE Request: imlib2 Steven M. Christey (Nov 20)
- Re: CVE Request: imlib2 Steven M. Christey (Nov 20)
- Re: CVE Request: imlib2 Pınar Yanardağ (Nov 21)
- Re: CVE Request: imlib2 Nico Golde (Nov 20)