Vulnerability in Conectiva Linux

CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

EPSS: 0.049 (90.9th percentile) — read the EPSS interpretation.

Affected products

Conectiva Linux — versions 9.0, 10.0
Enlightenment Imlib — versions 1.9, 1.9.1, 1.9.2
Enlightenment Imlib2 — versions 1.0, 1.0.1, 1.0.2
Imagemagick — versions 5.3.3, 5.4.3, 5.4.4.5
Mandrakesoft Mandrake_linux — versions 9.2, 10.0
Mandrakesoft Mandrake_linux_corporate_server — versions 2.1
Sun Java_desktop_system — versions 2.0, 2003
Turbolinux Turbolinux_desktop — versions 10.0
Turbolinux Turbolinux_server — versions 7.0, 8.0
Turbolinux Turbolinux_workstation — versions 7.0, 8.0

References

cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
cve@mitre.org (vendor-advisory, Patch, x_refsource_DEBIAN, Vendor Advisory)
cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (vendor-advisory, Patch, x_refsource_CONECTIVA)
cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (vendor-advisory, Patch, x_refsource_GENTOO, Vendor Advisory)