FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-06 12:07:22 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
00644f03-fb58-11d8-9837-000c41e2cdad	imlib -- BMP decoder heap buffer overflow Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution. Discovery 2004-08-25 Entry 2004-08-31 Modified 2004-09-02 imlib < 1.9.14_4 CVE-2004-0817 http://bugzilla.gnome.org/show_bug.cgi?id=151034
2001103a-6bbd-11d9-851d-000a95bc6fae	imlib -- xpm heap buffer overflows and integer overflows Pavel Kankovsky reports: Imlib affected by a variant of CAN-2004-0782 too. I've discovered more vulnerabilities in Imlib (1.9.13). In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt). Look at the attached image, it kills ee on my 7.3. The flaws also affect imlib2. Discovery 2004-12-06 Entry 2005-01-21 imlib < 1.9.15_2 imlib2 < 1.1.2_1 CVE-2004-1025 CVE-2004-1026 11830 https://bugzilla.fedora.us/show_bug.cgi?id=2051#c11 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=138516 http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c#rev1.3

VuXML ID

Description

00644f03-fb58-11d8-9837-000c41e2cdad

imlib -- BMP decoder heap buffer overflow

Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution.

Discovery 2004-08-25
Entry 2004-08-31
Modified 2004-09-02
imlib

< 1.9.14_4

CVE-2004-0817
http://bugzilla.gnome.org/show_bug.cgi?id=151034

2001103a-6bbd-11d9-851d-000a95bc6fae

imlib -- xpm heap buffer overflows and integer overflows

Pavel Kankovsky reports:

Imlib affected by a variant of CAN-2004-0782 too.

I've discovered more vulnerabilities in Imlib (1.9.13). In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt). Look at the attached image, it kills ee on my 7.3.

The flaws also affect imlib2.

Discovery 2004-12-06
Entry 2005-01-21
imlib

< 1.9.15_2

imlib2

< 1.1.2_1

CVE-2004-1025
CVE-2004-1026
11830
https://bugzilla.fedora.us/show_bug.cgi?id=2051#c11
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=138516
http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c#rev1.3