imlib2 IMAGE_DIMENSIONS_OK Logic Error Vulnerability
Summary
Credit:
The information has been provided by Stefan Cornelius.
The original article can be found at: http://secunia.com/secunia_research/2010-54/
Details
Vulnerable Systems:
* imlib2 version 1.4.3
Immune Systems:
* HP-UX B.11.11 (B.11.11.02.008)
* HP-UX B.11.23 (B.11.23.1.007)
* HP-UX B.11.31 (C.8.13.3.5)
The vulnerability is caused by a logic error within the ‘IMAGE_DIMENSIONS_OK()’ macro in src/lib/image.h. This can be exploited to cause heap-based buffer overflows via e.g. specially crafted ARGB, XPM, and BMP image files.
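An added illustration of this bug class, not imlib2's source (the page does not show the macro body): a dimension guard whose bounded product omits one operand, beside a corrected form. The macro names, the pixel limit and the sample dimensions are assumptions constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed limit: keep w*h*4 bytes below 2^31 so 32-bit size math is safe. */
#define MAX_PIXELS ((1ULL << 29) - 1)

/* Flawed guard (hypothetical): the bounded product never involves h. */
#define DIMS_OK_FLAWED(w, h) \
    (((w) > 0) && ((h) > 0) && \
     ((unsigned long long)(w) * (unsigned long long)(w) <= MAX_PIXELS))

/* Corrected guard: bound the real pixel count, computed in 64 bits. */
#define DIMS_OK_FIXED(w, h) \
    (((w) > 0) && ((h) > 0) && \
     ((unsigned long long)(w) * (unsigned long long)(h) <= MAX_PIXELS))

/* Buffer size as a loader doing 32-bit arithmetic would compute it. */
static uint32_t alloc_bytes_32(int w, int h)
{
    return (uint32_t)w * (uint32_t)h * (uint32_t)sizeof(uint32_t);
}

/* Bytes actually needed for w*h 32-bit pixels, without truncation. */
static uint64_t needed_bytes(int w, int h)
{
    return (uint64_t)w * (uint64_t)h * (uint64_t)sizeof(uint32_t);
}

int main(void)
{
    /* Constructed header dimensions, not taken from any real image file. */
    static const int dims[][2] = { {640, 480}, {30000, 1}, {16384, 262145} };

    for (size_t i = 0; i < sizeof dims / sizeof dims[0]; i++) {
        int w = dims[i][0], h = dims[i][1];
        printf("%6dx%-7d flawed=%d fixed=%d alloc32=%lu needed=%llu\n",
               w, h, DIMS_OK_FLAWED(w, h), DIMS_OK_FIXED(w, h),
               (unsigned long)alloc_bytes_32(w, h),
               (unsigned long long)needed_bytes(w, h));
    }
    return 0;
}
```

For 16384x262145 the flawed guard passes while the 32-bit size wraps to 65536 bytes against roughly 16 GiB needed; the corrected guard rejects those dimensions before any allocation happens.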
Patch Availability:
Fixed in the SVN repository.
CVE Information:
CVE-2010-0991
Disclosure Timeline:
07/04/2010 – Vendor notified.
08/04/2010 – Vendor response.
21/04/2010 – Public disclosure.