CVE-2008-6079

Published: 6 February 2009

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."

Priority

Status

Package	Release	Status
imlib2 Launchpad, Ubuntu, Debian	dapper	Ignored (reached end-of-life)
	gutsy	Needed (reached end-of-life)
	hardy	Ignored (reached end-of-life)
	intrepid	Needed (reached end-of-life)
	jaunty	Not vulnerable (1.4.2-4ubuntu1)
	karmic	Not vulnerable (1.4.2-4ubuntu1)
	lucid	Not vulnerable (1.4.2-4ubuntu1)
	maverick	Not vulnerable (1.4.2-4ubuntu1)
	natty	Not vulnerable (1.4.2-4ubuntu1)
	oneiric	Not vulnerable (1.4.2-4ubuntu1)
	upstream	Released (1.4.2)

Notes

Author	Note
kees	no details on the flaws yet.

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›