CVE-2004-0817
CVSS7.5
发布时间 :2004-12-31 00:00:00
修订时间 :2010-08-21 00:21:20
NMCOPS    

[原文]Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.


[CNNVD]IMLib/IMLib2多个BMP图像解码缓冲区溢出漏洞(CNNVD-200412-363)

        imlib图像处理器存在多个基于堆的缓冲区溢出漏洞。远程攻击者可以借助畸形BMP文件执行代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64
cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64
cpe:/a:imagemagick:imagemagick:5.4.4.5ImageMagick 5.4.4.5
cpe:/a:enlightenment:imlib:1.9.8
cpe:/o:redhat:enterprise_linux:2.1::advanced_server
cpe:/a:enlightenment:imlib:1.9.9
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64
cpe:/a:imagemagick:imagemagick:5.3.3ImageMagick 5.3.3
cpe:/a:imagemagick:imagemagick:5.5.7ImageMagick 5.5.7
cpe:/o:redhat:linux_advanced_workstation:2.1::itanium_processor
cpe:/a:enlightenment:imlib:1.9.13
cpe:/a:enlightenment:imlib:1.9.12
cpe:/o:redhat:enterprise_linux:3.0::enterprise_server
cpe:/a:imagemagick:imagemagick:6.0.2ImageMagick 6.0.2
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server
cpe:/a:enlightenment:imlib:1.9.3
cpe:/a:enlightenment:imlib:1.9.14
cpe:/o:redhat:linux_advanced_workstation:2.1::ia64
cpe:/a:sun:java_desktop_system:2003
cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64
cpe:/o:redhat:enterprise_linux:3.0::workstation
cpe:/a:enlightenment:imlib:1.9.6
cpe:/a:enlightenment:imlib2:1.0.1
cpe:/a:enlightenment:imlib:1.9.4
cpe:/o:turbolinux:turbolinux_workstation:8.0
cpe:/o:conectiva:linux:9.0Conectiva Linux 9.0
cpe:/a:enlightenment:imlib2:1.0.2
cpe:/a:imagemagick:imagemagick:5.4.8ImageMagick 5.4.8
cpe:/a:enlightenment:imlib:1.9.7
cpe:/a:enlightenment:imlib:1.9.1
cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64
cpe:/o:suse:suse_linux:8.0::i386
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64
cpe:/o:turbolinux:turbolinux_desktop:10.0
cpe:/o:suse:suse_linux:9.0SuSE SuSE Linux 9.0
cpe:/o:suse:suse_linux:8.2SuSE SuSE Linux 8.2
cpe:/a:imagemagick:imagemagick:5.4.7ImageMagick 5.4.7
cpe:/o:ubuntu:ubuntu_linux:4.1::ia64
cpe:/o:redhat:fedora_core:core_1.0
cpe:/o:ubuntu:ubuntu_linux:4.1::ppc
cpe:/a:imagemagick:imagemagick:5.4.8.2.1.1.0
cpe:/o:turbolinux:turbolinux_server:8.0
cpe:/a:sun:java_desktop_system:2.0Sun Java Desktop System 2.0
cpe:/a:enlightenment:imlib2:1.0
cpe:/o:turbolinux:turbolinux_server:7.0
cpe:/o:redhat:enterprise_linux:3.0::advanced_servers
cpe:/a:enlightenment:imlib:1.9.11
cpe:/a:enlightenment:imlib2:1.0.4
cpe:/o:suse:suse_linux:8.1SuSE SuSE Linux 8.1
cpe:/a:enlightenment:imlib:1.9.10
cpe:/o:turbolinux:turbolinux_workstation:7.0
cpe:/o:suse:suse_linux:9.2SuSE SuSE Linux 9.2
cpe:/o:redhat:fedora_core:core_3.0
cpe:/a:imagemagick:imagemagick:5.5.6.0_2003-04-09ImageMagick 5.5.6.0 2003-04-09
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1MandrakeSoft Mandrake Linux Corporate Server 2.1
cpe:/o:suse:suse_linux:9.1SuSE SuSE Linux 9.1
cpe:/o:conectiva:linux:10.0Conectiva Linux 10.0
cpe:/a:enlightenment:imlib2:1.1.1
cpe:/a:enlightenment:imlib:1.9.2
cpe:/o:redhat:enterprise_linux:2.1::workstation
cpe:/a:enlightenment:imlib2:1.1
cpe:/a:enlightenment:imlib2:1.0.5
cpe:/o:suse:suse_linux:9.0::x86_64
cpe:/o:suse:suse_linux:8.0SuSE SuSE Linux 8.0
cpe:/a:enlightenment:imlib2:1.0.3
cpe:/o:mandrakesoft:mandrake_linux:9.2MandrakeSoft Mandrake Linux 9.2
cpe:/o:redhat:enterprise_linux_desktop:3.0Red Hat Desktop 3.0
cpe:/a:enlightenment:imlib:1.9
cpe:/o:redhat:fedora_core:core_2.0
cpe:/o:mandrakesoft:mandrake_linux:10.0MandrakeSoft Mandrake Linux 10.0
cpe:/a:imagemagick:imagemagick:5.5.3.2.1.2.0ImageMagick 5.5.3.2.1.2.0
cpe:/a:enlightenment:imlib:1.9.5
cpe:/a:imagemagick:imagemagick:5.4.3ImageMagick 5.4.3

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:8843Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file....
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0817
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0817
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200412-363
(官方数据源) CNNVD

- 其它链接及资源

http://xforce.iss.net/xforce/xfdb/17182
(PATCH)  XF  imlib-bmp-bo(17182)
http://www.securityfocus.com/bid/11084
(PATCH)  BID  11084
http://www.redhat.com/support/errata/RHSA-2004-465.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:465
http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200409-12
http://www.debian.org/security/2004/dsa-548
(VENDOR_ADVISORY)  DEBIAN  DSA-548
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870
(PATCH)  CONECTIVA  CLA-2004:870
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
(UNKNOWN)  SUNALERT  201611
http://www.mandriva.com/security/advisories?name=MDKSA-2004:089
(UNKNOWN)  MANDRAKE  MDKSA-2004:089

- 漏洞信息

IMLib/IMLib2多个BMP图像解码缓冲区溢出漏洞
高危 缓冲区溢出
2004-12-31 00:00:00 2010-01-28 00:00:00
远程  
        imlib图像处理器存在多个基于堆的缓冲区溢出漏洞。远程攻击者可以借助畸形BMP文件执行代码。

- 公告与补丁

        The vendor has addressed this issue in Imlib2 1.1.2. Reportedly, this fix is available through CVS:
        http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/
        Please see the referenced advisories for more information.
        Sun Solaris 10
        
        RedHat Fedora Core2
        
        RedHat Fedora Core1
        
        Sun Solaris 10_x86
        
        Sun Solaris 9
        
        Sun Solaris 9_x86
        
        Enlightenment Imlib2 1.0.5
        

- 漏洞信息 (F34387)

dsa-548.txt (PacketStormID:F34387)
2004-09-17 00:00:00
Marcus Meissner  debian.org
advisory,overflow,arbitrary
linux,debian
CVE-2004-0817
[点击下载]

Debian Security Advisory DSA 548-1 - A heap overflow error in imlib could be abused by an attacker to execute arbitrary code on the vicim's machine.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 548-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 16th, 2004                    http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : imlib
Vulnerability  : unsanitised input
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0817

Marcus Meissner discovered a heap overflow error in imlib, an imaging
library for X and X11, that could be abused by an attacker to execute
arbitrary code on the vicims machine.

For the stable distribution (woody) this problem has been fixed in
version 1.9.14-2wody1.

For the unstable distribution (sid) this problem has been fixed in
version 1.9.14-17 of imlib and in version 1.9.14-16 of imlib+png2.

We recommend that you upgrade your imlib1 packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/i/imlib/imlib_1.9.14-2wody1.dsc
      Size/MD5 checksum:      803 6472ca2afec2286f184350d849bf9a5d
    http://security.debian.org/pool/updates/main/i/imlib/imlib_1.9.14-2wody1.diff.gz
      Size/MD5 checksum:   269552 31472b9a33f689d518c237fa7d742961
    http://security.debian.org/pool/updates/main/i/imlib/imlib_1.9.14.orig.tar.gz
      Size/MD5 checksum:   748591 1fa54011e4e1db532d7eadae3ced6a8c

  Architecture independent components:

    http://security.debian.org/pool/updates/main/i/imlib/imlib-base_1.9.14-2wody1_all.deb
      Size/MD5 checksum:   114576 15b012593229931c4bbc29040d2fdae5

  Alpha architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_alpha.deb
      Size/MD5 checksum:   119104 4e64b397ae2e9a839600fc8f19fdd1df
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_alpha.deb
      Size/MD5 checksum:    96582 a0f07e9f4ded557eb3fabc0914ea6625
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_alpha.deb
      Size/MD5 checksum:   116752 d036103895155f0267a26283631978d5
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_alpha.deb
      Size/MD5 checksum:   262078 5e49dc13a1a4d61f74222dc1ae1bcb57
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_alpha.deb
      Size/MD5 checksum:    96668 b4cff88f951f6682358f6f393691a5bd

  ARM architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_arm.deb
      Size/MD5 checksum:    93592 9c928508c6366fa367cddaecf4d2e99d
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_arm.deb
      Size/MD5 checksum:    75032 4f90fccb7d8bc12b188d62da43f8f712
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_arm.deb
      Size/MD5 checksum:    93634 1c44359a8043ecd94dbcd7a4349fac6a
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_arm.deb
      Size/MD5 checksum:   258134 5f10db2bcb55a1ef8de534bdd0be730a
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_arm.deb
      Size/MD5 checksum:    75924 87ff486de47e594a996992a8721c9542

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_i386.deb
      Size/MD5 checksum:    77454 2b01b6df4f0859f6975932d2c3889fef
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_i386.deb
      Size/MD5 checksum:    68730 afaadff6f4e14d885a663bd47c68c97a
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_i386.deb
      Size/MD5 checksum:    76038 3b541785c7423bbb1c08b7ab4195f25d
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_i386.deb
      Size/MD5 checksum:   258222 89e8b55aac576760bb7dbd2fbce97ef4
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_i386.deb
      Size/MD5 checksum:    69332 1a2f9af32e10060af9712309565de823

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_ia64.deb
      Size/MD5 checksum:   128272 be9e12e56078ad9426c018fd589a386c
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_ia64.deb
      Size/MD5 checksum:   115640 2894139657c170641f026a5f51be8ae4
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_ia64.deb
      Size/MD5 checksum:   128662 a0d502bd1cb1147ec2806739dab6ffd9
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_ia64.deb
      Size/MD5 checksum:   266378 5febdea31eb17b29854233fbfb307869
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_ia64.deb
      Size/MD5 checksum:   118478 b53e063c50cbee0082fd3f34e6495a07

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_hppa.deb
      Size/MD5 checksum:   104722 cd83de0a77ec1a2e9ad2b89661f7ce95
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_hppa.deb
      Size/MD5 checksum:    91568 e7ea261ab12d3026c655b88816b03fb1
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_hppa.deb
      Size/MD5 checksum:   103092 787e38c5c6804290826fb24d39942471
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_hppa.deb
      Size/MD5 checksum:   260886 6b7d99f18c2c4e531268d0685cec7815
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_hppa.deb
      Size/MD5 checksum:    91038 c8ca84e673418e3c0be7fd6f983b72a5

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_m68k.deb
      Size/MD5 checksum:    71648 46ee28536a1eca2cde30c8956aced176
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_m68k.deb
      Size/MD5 checksum:    63886 c27cb2052b30443ccbd8aaa1ee70752c
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_m68k.deb
      Size/MD5 checksum:    69480 62a8fdc6b8eefdf233073d27ff143159
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_m68k.deb
      Size/MD5 checksum:   257254 2062e2c1e836765fa547540c25217dc0
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_m68k.deb
      Size/MD5 checksum:    64098 bb634b1f3812b538a158fcb5ffb2037a

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_mips.deb
      Size/MD5 checksum:    95334 6df97ffb427a10ea4ad53b9031725fca
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_mips.deb
      Size/MD5 checksum:    75042 dc6945a5f284fe9df84f73aef5c5fd98
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_mips.deb
      Size/MD5 checksum:    92272 77d49cb7e43d26ff1c760f509b68a692
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_mips.deb
      Size/MD5 checksum:   257824 03abbd17269e50822da7d9ff8962500d
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_mips.deb
      Size/MD5 checksum:    75606 6173739a1120d7388a77727ee28a1c50

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_mipsel.deb
      Size/MD5 checksum:    95350 af89cfadec5bbb4e48f9ae0bb6c59b03
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_mipsel.deb
      Size/MD5 checksum:    75088 340cedde5a835f610164753e64d8a36d
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_mipsel.deb
      Size/MD5 checksum:    92286 48df55c16c2760bd82d5dfbd051d1104
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_mipsel.deb
      Size/MD5 checksum:   257692 f9b42b3f6d6ba9e4bdc48df5fe5c2d22
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_mipsel.deb
      Size/MD5 checksum:    75520 2c8d731adcee92a92307fd11861fdaae

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_powerpc.deb
      Size/MD5 checksum:    93706 6cc8b8753c18f11793805faeeb25aded
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_powerpc.deb
      Size/MD5 checksum:    76440 50d611afb959762e4b975bdf181dabe4
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_powerpc.deb
      Size/MD5 checksum:    89862 cbf553ff94b438dccea73bd68cb64f8f
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_powerpc.deb
      Size/MD5 checksum:   258394 2cbbcc991c068aa94adff360210dfc41
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_powerpc.deb
      Size/MD5 checksum:    75050 8e123dbbfc8e0ad2ec3acf21619f4658

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_s390.deb
      Size/MD5 checksum:    82924 5fff2f003dcd49d4786f09210b76df35
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_s390.deb
      Size/MD5 checksum:    77602 270ce2d438f02793c50f3f27dc26c872
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_s390.deb
      Size/MD5 checksum:    83804 6413991452e5bee44855606146c3402d
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_s390.deb
      Size/MD5 checksum:   258558 0f331b840d6f82164f4869ee4d9847d7
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_s390.deb
      Size/MD5 checksum:    78164 521720c8c47a87ef9c768108ec9bffed

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib-dev_1.9.14-2wody1_sparc.deb
      Size/MD5 checksum:    88346 7e8d46b4b7af331e92dc8bc40e1af3f1
    http://security.debian.org/pool/updates/main/i/imlib/gdk-imlib1_1.9.14-2wody1_sparc.deb
      Size/MD5 checksum:    76190 14d67fc9827d7eae2533c4ff3ad048b3
    http://security.debian.org/pool/updates/main/i/imlib/imlib-dev_1.9.14-2wody1_sparc.deb
      Size/MD5 checksum:    85312 5c8b26804737b09678f60ef9ea4048ba
    http://security.debian.org/pool/updates/main/i/imlib/imlib-progs_1.9.14-2wody1_sparc.deb
      Size/MD5 checksum:   258638 c2577ef0cc83d0934778c2eec3d106e3
    http://security.debian.org/pool/updates/main/i/imlib/imlib1_1.9.14-2wody1_sparc.deb
      Size/MD5 checksum:    76356 f500ce8f5cf4f16de487c1677970eccb


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBSYuBW5ql+IAeqTIRAty2AJ4jMn4adgixNcF2fzSi2aXM/mV/jQCgloOC
IQcDrKSW5nI+ZypbaZim+u8=
=rQte
-----END PGP SIGNATURE-----
    

- 漏洞信息

9435
imlib BMP Decoding Overflow
Remote / Network Access Input Manipulation
Loss of Confidentiality, Loss of Integrity
Exploit Public

- 漏洞描述

A remote overflow exists in imlib. imlib fails to perform proper bounds checking on BMP files resulting in a non-descript overflow. With a specially crafted request, an attacker can potentially cause imlib to crash or allow arbitrary code execution resulting in a loss of confidentiality and/or integrity.

- 时间线

2004-08-31 Unknow
2004-08-31 Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, The Gnome Project has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

- 漏洞信息

IMLib/IMLib2 Multiple BMP Image Decoding Buffer Overflow Vulnerabilities
Boundary Condition Error 11084
Yes No
2004-09-01 12:00:00 2008-02-11 05:06:00
Discovery of these vulnerabilities is credited to Marcus Meissner.

- 受影响的程序版本

Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 10_x86
Sun Solaris 10
Sun Java Desktop System (JDS) 2.0
Sun Java Desktop System (JDS) 2003
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Imlib Imlib 1.9.14
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Imlib Imlib 1.9.13
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ Red Hat Enterprise Linux AS 3
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 3
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
Imlib Imlib 1.9.12
Imlib Imlib 1.9.11
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
Imlib Imlib 1.9.10
+ Conectiva Linux 8.0
+ RedHat Linux 7.2
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
Imlib Imlib 1.9.9
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
Imlib Imlib 1.9.8
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ HP Secure OS software for Linux 1.0
+ Red Hat Linux 6.2
+ RedHat Linux 7.1
+ RedHat Linux 7.0
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4
Imlib Imlib 1.9.7
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
Imlib Imlib 1.9.6
Imlib Imlib 1.9.5
Imlib Imlib 1.9.4
Imlib Imlib 1.9.3
Imlib Imlib 1.9.2
Imlib Imlib 1.9.1
Imlib Imlib 1.9
ImageMagick ImageMagick 6.0.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
ImageMagick ImageMagick 5.5.7
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
ImageMagick ImageMagick 5.5.6 .0-20030409
+ OpenPKG OpenPKG Current
ImageMagick ImageMagick 5.5.3 .2-1.2.0
+ OpenPKG OpenPKG 1.2
ImageMagick ImageMagick 5.4.8 .2-1.1.0
+ OpenPKG OpenPKG 1.1
ImageMagick ImageMagick 5.4.8
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
ImageMagick ImageMagick 5.4.7
+ Turbolinux Turbolinux Server 8.0
ImageMagick ImageMagick 5.4.4 .5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
ImageMagick ImageMagick 5.4.3
+ Turbolinux Turbolinux Workstation 8.0
ImageMagick ImageMagick 5.3.3
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 7.0
Enlightenment Imlib2 1.1.1
Enlightenment Imlib2 1.1
Enlightenment Imlib2 1.0.5
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
Enlightenment Imlib2 1.0.4
+ Mandriva Linux Mandrake 8.0 ppc
Enlightenment Imlib2 1.0.3
Enlightenment Imlib2 1.0.2
Enlightenment Imlib2 1.0.1
Enlightenment Imlib2 1.0
Conectiva Linux 10.0
Conectiva Linux 9.0
Avaya Interactive Response 2.0
Enlightenment Imlib2 1.1.2

- 不受影响的程序版本

Enlightenment Imlib2 1.1.2

- 漏洞讨论

Multiple buffer-overflow vulnerabilities are reported to reside in the Iimlib/Imlib2 libraries. These issues may be triggered when handling malformed bitmap images.

A remote attacker could exploit these vulnerabilities to cause a denial of service in applications that use the vulnerable library to render images. Reportedly, attackers may also exploit these vulnerabilities to execute arbitrary code.

- 漏洞利用

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 解决方案

The vendor has addressed this issue in Imlib2 1.1.2. Reportedly, this fix is available through CVS:
http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/

Please see the referenced advisories for more information.


Sun Solaris 10

Red Hat Fedora Core2

Red Hat Fedora Core1

Sun Solaris 10_x86

Sun Solaris 9

Sun Solaris 9_x86

Enlightenment Imlib2 1.0.5

Imlib Imlib 1.9.10

Imlib Imlib 1.9.13

Imlib Imlib 1.9.14

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站