IMLib/IMLib2 Multiple BMP Image Decoding Buffer Overflow Vulnerabilities

Bugtraq ID: 11084
Class: Boundary Condition Error
CVE: CVE-2004-0817
CVE-2004-0802
CVE-2004-0827
Remote: Yes
Local: No
Published: Sep 01 2004 12:00AM
Updated: Feb 11 2008 05:06PM
Credit: Discovery of these vulnerabilities is credited to Marcus Meissner.
Vulnerable: Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
SuSE Linux 8.1
SuSE Linux 8.0 i386
SuSE Linux 8.0
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 10_x86
Sun Solaris 10
Sun Java Desktop System (JDS) 2.0
Sun Java Desktop System (JDS) 2003
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
Redhat Linux 9.0 i386
Redhat Linux 7.3 i686
Redhat Linux 7.3 i386
Redhat Linux 7.3
Redhat Fedora Core3
Redhat Fedora Core2
Redhat Fedora Core1
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux WS 2.1 IA64
Redhat Enterprise Linux WS 2.1
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux ES 2.1 IA64
Redhat Enterprise Linux ES 2.1
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux AS 2.1 IA64
Redhat Enterprise Linux AS 2.1
Redhat Desktop 3.0
Redhat Advanced Workstation for the Itanium Processor 2.1 IA64
Redhat Advanced Workstation for the Itanium Processor 2.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Imlib Imlib 1.9.14
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Imlib Imlib 1.9.13
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Redhat Advanced Workstation for the Itanium Processor 2.1
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 3
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
Imlib Imlib 1.9.12
Imlib Imlib 1.9.11
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
Imlib Imlib 1.9.10
+ Redhat Linux 7.2
+ SuSE Linux 8.0 i386
+ SuSE Linux 8.0
+ SuSE Linux 7.3 sparc
+ SuSE Linux 7.3 ppc
+ SuSE Linux 7.3 i386
+ SuSE Linux 7.3
Imlib Imlib 1.9.9
+ SuSE Linux 7.2 i386
+ SuSE Linux 7.2
Imlib Imlib 1.9.8
+ HP Secure OS software for Linux 1.0
+ Redhat Linux 7.1
+ Redhat Linux 7.0
+ Redhat Linux 6.2
+ SuSE Linux 7.1 x86
+ SuSE Linux 7.1 sparc
+ SuSE Linux 7.1 ppc
+ SuSE Linux 7.1 alpha
+ SuSE Linux 7.1
+ SuSE Linux 7.0 sparc
+ SuSE Linux 7.0 ppc
+ SuSE Linux 7.0 i386
+ SuSE Linux 7.0 alpha
+ SuSE Linux 7.0
+ SuSE Linux 6.4 ppc
+ SuSE Linux 6.4 i386
+ SuSE Linux 6.4 alpha
+ SuSE Linux 6.4
Imlib Imlib 1.9.7
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
Imlib Imlib 1.9.6
Imlib Imlib 1.9.5
Imlib Imlib 1.9.4
Imlib Imlib 1.9.3
Imlib Imlib 1.9.2
Imlib Imlib 1.9.1
Imlib Imlib 1.9
ImageMagick ImageMagick 6.0.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
ImageMagick ImageMagick 5.5.7
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
ImageMagick ImageMagick 5.5.6 .0-20030409
+ OpenPKG OpenPKG Current
ImageMagick ImageMagick 5.5.3 .2-1.2.0
+ OpenPKG OpenPKG 1.2
ImageMagick ImageMagick 5.4.8 .2-1.1.0
+ OpenPKG OpenPKG 1.1
ImageMagick ImageMagick 5.4.8
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
ImageMagick ImageMagick 5.4.7
+ Turbolinux Turbolinux Server 8.0
ImageMagick ImageMagick 5.4.4 .5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
ImageMagick ImageMagick 5.4.3
+ Turbolinux Turbolinux Workstation 8.0
ImageMagick ImageMagick 5.3.3
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 7.0
Enlightenment Imlib2 1.1.1
Enlightenment Imlib2 1.1
Enlightenment Imlib2 1.0.5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
Enlightenment Imlib2 1.0.4
+ Mandriva Linux Mandrake 8.0 ppc
Enlightenment Imlib2 1.0.3
Enlightenment Imlib2 1.0.2
Enlightenment Imlib2 1.0.1
Enlightenment Imlib2 1.0
Avaya Interactive Response 2.0
Not Vulnerable: Enlightenment Imlib2 1.1.2


 

Privacy Statement
Copyright 2010, SecurityFocus