ID CVE-2006-4808
Summary Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.
References
Vulnerable Configurations
  • cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:enlightenment:imlib2:1.1.2:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 20-07-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:P
refmap via4
bid 20903
gentoo GLSA-200612-20
mandriva
  • MDKSA-2006:198
  • MDKSA-2007:156
misc http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz
osvdb 30103
secunia
  • 22732
  • 22744
  • 22752
  • 22932
  • 23441
suse SUSE-SR:2006:026
ubuntu
  • USN-376-1
  • USN-376-2
vupen ADV-2006-4349
xf imlib2-loadertgac-bo(30068)
statements via4
contributor Mark J Cox
lastmodified 2006-11-22
organization Red Hat
statement Not vulnerable. Red Hat Enterprise Linux 2.1, 3, and 4 do not include imlib2.
Last major update 20-07-2017 - 01:33
Published 07-11-2006 - 00:07
Last modified 20-07-2017 - 01:33
Back to Top