CVE-2008-5187
EPSS 2.0%imlib2 - arbitrary code execution
發布日:2008/11/21修改日:2026/4/28
描述
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.
受影響套件(2)
- Debian/imlib2from 0, < 1.4.0-1.2
- Debian/imlib2from 0, < 1.3.0.0debian1-4+etch2