Heap-Based Buffer Overflow in imlib2 Affects Multiple Image File Formats
CVE-2010-0991

Currently unrated

Key Information:

Vendor: Enlightenment
Status: Imlib2
Vendor: CVE Published:; 22 April 2010

Summary

Multiple heap-based buffer overflows exist in imlib2 1.4.3, allowing attackers to execute arbitrary code by manipulating crafted image files such as ARGB, XPM, or BMP. This vulnerability is linked to the handling of image dimensions within the IMAGE_DIMENSIONS_OK macro defined in lib/image.h, creating potential entry points for malicious exploitation.

References

http://secunia.com/advisories/39354

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/510866/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2010/0959

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 22, 2010
Vulnerability Reserved
Mar 18, 2010