Description
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
Product(s):
- Enlightenment Imlib2 1.0.1
- Enlightenment Imlib2 1.0.2
- Enlightenment Imlib2 1.0.3
- Enlightenment Imlib2 1.0.4
- Enlightenment Imlib2 1.0.5
- Enlightenment Imlib2 1.0
- Enlightenment Imlib2 1.1.1
- Enlightenment Imlib2 1.1
- Enlightenment Imlib 1.9.10
- Enlightenment Imlib 1.9.11
- Enlightenment Imlib 1.9.12
- Enlightenment Imlib 1.9.13
- Enlightenment Imlib 1.9.14
- Enlightenment Imlib 1.9.1
- Enlightenment Imlib 1.9.2
- Enlightenment Imlib 1.9.3
- Enlightenment Imlib 1.9.4
- Enlightenment Imlib 1.9.5
- Enlightenment Imlib 1.9.6
- Enlightenment Imlib 1.9.7
- Enlightenment Imlib 1.9.8
- Enlightenment Imlib 1.9.9
- Enlightenment Imlib 1.9
- ImageMagick 5.3.3
- ImageMagick 5.4.3
- ImageMagick 5.4.4.5
- ImageMagick 5.4.7
- ImageMagick ImageMagick 5.4.8.2.1.1.0
- ImageMagick 5.4.8
- ImageMagick 5.5.3.2.1.2.0
- ImageMagick 5.5.6.0 2003-04-09
- ImageMagick 5.5.7
- ImageMagick 6.0.2
- Sun Java Desktop System 2.0
- Sun Java Desktop System 2003
- Conectiva Linux 10.0
- Conectiva Linux 9.0
- MandrakeSoft Mandrake Linux 10.0
- Mandrakesoft Mandrake Linux 10.0 on AMD64
- MandrakeSoft Mandrake Linux 9.2
- Mandrakesoft Mandrake Linux 9.2 on AMD64
- MandrakeSoft Mandrake Linux Corporate Server 2.1
- Mandrakesoft Mandrake Linux Corporate Server 2.1 on x86_64
- Red Hat Enterprise Linux 2.1 Advanced Server
- Red Hat Enterprise Linux 2.1 Advanced Server IA64
- Red Hat Enterprise Linux 2.1 Enterprise Server
- Red Hat Enterprise Linux 2.1 Enterprise Server IA64
- Red Hat Enterprise Linux 2.1 Workstation
- Red Hat Enterprise Linux 2.1 Workstation IA64
- Red Hat Enterprise Linux 3.0 Advanced Servers
- Red Hat Enterprise Linux 3.0 Enterprise Server Edition
- Red Hat Enterprise Linux 3.0 Workstation
- Red Hat Desktop 3.0
- Red Hat Fedora Core Core 1.0
- Red Hat Fedora Core Core 2.0
- Red Hat Fedora Core Core 3.0
- Red Hat Linux Advanced Workstation 2.1 on IA64
- Red Hat Linux Advanced Workstation 2.1 on Itanium Processor
- SuSE SuSE Linux 8.0
- SUSE Linux 8.0 on i386
- SuSE SuSE Linux 8.0 alpha
- SuSE SuSE Linux 8.1
- SuSE SuSE Linux 8.2
- SuSE SuSE Linux 9.0
- Suse Suse Linux 9.0 Enterprise Server Edition
- SUSE Linux 9.0 x86_64
- SuSE SuSE Linux 9.1
- SuSE SuSE Linux 9.2
- Turbolinux Turbolinux Desktop 10.0
- Turbolinux Server 7.0
- Turbolinux Server 8.0
- Turbolinux Workstation 7.0
- Turbolinux Workstation 8.0
- Ubuntu Linux 4.1 on IA64
- Ubuntu Linux 4.1 on PPC
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-0802, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-0802 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.