VYPR

rpm package

opensuse/imlib2&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/imlib2&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2020-12761May 9, 2020
    affected < 1.11.1-2.1fixed 1.11.1-2.1

    modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

  • CVE-2010-0991Apr 22, 2010
    affected < 1.4.9-1.4fixed 1.4.9-1.4

    Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.

  • CVE-2008-5187Nov 21, 2008
    affected < 1.7.1-1.6fixed 1.7.1-1.6

    The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a diffe

  • CVE-2008-2426Jun 2, 2008
    affected < 1.7.1-1.6fixed 1.7.1-1.6

    Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_p