PT-2009-1554 · Enlightenment Foundation Libraries · Imlib2

Published: 2009-02-06 · Updated: 2017-08-08 · CVE-2008-6079

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

imlib2 versions prior to 1.4.2

Description

The issue allows context-dependent attackers to have an unspecified impact via a crafted file, including ARGB, BMP, JPEG, LBM, PNM, TGA, or XPM files. This is related to several heap and stack-based buffer overflows, partly due to integer overflows.

Recommendations

For versions prior to 1.4.2, update to version 1.4.2 or later to resolve the issue. As a temporary workaround, consider restricting the processing of crafted files until a patch is available. Avoid using the vulnerable functions related to the processing of ARGB, BMP, JPEG, LBM, PNM, TGA, or XPM files in imlib2 until the issue is resolved.

Fix

Related Identifiers

CVE-2008-6079
DSA-2029-1

Affected Products

Imlib2