FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-20 14:15:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
632c98be-aad2-4af2-849f-41a6862afd6ap5-Imager -- possibly exploitable buffer overflow

Imager 0.56 and all earlier versions with BMP support have a security issue when reading compressed 8-bit per pixel BMP files where either a compressed run of data or a literal run of data overflows the scan-line.

Such an overflow causes a buffer overflow in a malloc() allocated memory buffer, possibly corrupting the memory arena headers.

The effect depends on your system memory allocator, with glibc this typically results in an abort, but with other memory allocators it may be possible to cause local code execution.


Discovery 2007-04-04
Entry 2007-04-30
Modified 2010-05-12
p5-Imager
< 0.57

CVE-2007-1942
CVE-2007-1943
CVE-2007-1946
CVE-2007-1948
https://rt.cpan.org/Public/Bug/Display.html?id=26811
http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html