PT-2004-3667 · Imlib · Imlib

Pavel Kankovsky

Published

1970-01-01

Updated

2017-10-11

CVE-2004-1026

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions imlib versions 1.9.13 and earlier imlib versions 1.9.14 and earlier

Description The issue involves multiple vulnerabilities in the imlib package, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely, potentially allowing attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.

Recommendations For imlib versions 1.9.13 and earlier, update to a version later than 1.9.13 to resolve the issue. For imlib versions 1.9.14 and earlier, update to a version later than 1.9.14 to resolve the issue. As a temporary workaround, consider restricting the use of image files from untrusted sources to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-02024

BDU:2015-02025

BDU:2015-06206

BDU:2015-06207

BDU:2015-06208

CVE-2004-1026

DSA-618-1

DSA-628-1

RHSA-2004:651

Affected Products

Imlib

PT-2004-3667 · Imlib · Imlib

CVE-2004-1026

Related Identifiers

Affected Products

References · 20