Buffer overflow in Enlightenment Imlib2

CVE-2008-5187

The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error"…

Vulnerability class: Buffer Overflow

EPSS: 0.036 (88.1th percentile) — read the EPSS interpretation.

Affected products

Enlightenment Imlib2 — versions 1.4.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)
cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_UBUNTU, vendor-advisory)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vendor-advisory, x_refsource_SUSE)