CVE-2014-9762
https://notcve.org/view.php?id=CVE-2014-9762
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap. imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de una imagen GIF sin un mapa de colores. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html http://www.debian.org/security/2016/dsa-3537 http://www.securityfocus.com/bid/90959 https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56 https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog https://security.gentoo.org/glsa/201611-12 • CWE-20: Improper Input Validation •
CVE-2014-9763
https://notcve.org/view.php?id=CVE-2014-9763
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file. imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de aplicación) a través de un archivo PNM manipulado. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html http://www.debian.org/security/2016/dsa-3537 http://www.securityfocus.com/bid/90955 https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=c21beaf1780cf3ca291735ae7d58a3dde63277a2 https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog https://security.gentoo.org/glsa/201611-12 • CWE-189: Numeric Errors •
CVE-2014-9764
https://notcve.org/view.php?id=CVE-2014-9764
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file. imlib2 en versiones anteriores a 1.4.7 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de un archivo GIF manipulado. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00076.html http://www.debian.org/security/2016/dsa-3537 http://www.securityfocus.com/bid/90962 https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=1f9b0b32728803a1578e658cd0955df773e34f49 https://git.enlightenment.org/legacy/imlib2.git/tree/ChangeLog https://security.gentoo.org/glsa/201611-12 • CWE-20: Improper Input Validation •
CVE-2008-6079
https://notcve.org/view.php?id=CVE-2008-6079
imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows." Múltiples vulnerabilidades no especificadas en mlib2 anterior a v1.4.2 tienen un impacto y vectores de ataque desconocidos. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469 http://secunia.com/advisories/32354 http://secunia.com/advisories/39340 http://sourceforge.net/project/shownotes.php?release_id=634778 http://www.debian.org/security/2010/dsa-2029 http://www.securityfocus.com/bid/31880 http://www.vupen.com/english/advisories/2008/2898 http://www.vupen.com/english/advisories/2010/0803 https://exchange.xforce.ibmcloud.com/vulnerabilities/46037 •
CVE-2006-4807
https://notcve.org/view.php?id=CVE-2006-4807
loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808. loader_tga.c en imlib2 anterior a 1.2.1, y posiblemenet otras versiones, permite a un atacante remoto con la intervención de un usuario provocar denegación de servicio (caida) a través de imágenes TGA manipuladas que disparan una lectura de memoria fuera de rango, un asunto diferente que el CVE-2006-4808. • http://secunia.com/advisories/22732 http://secunia.com/advisories/22744 http://secunia.com/advisories/22752 http://secunia.com/advisories/22932 http://secunia.com/advisories/23441 http://security.gentoo.org/glsa/glsa-200612-20.xml http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz http://www.mandriva.com/security/advisories?name=MDKSA-2006:198 http://www.mandriva.com/security/advisories?name=MDKSA-2007:156 http://www.novell.com/linux/security/adv •