Vulnerability Description
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Enlightenment | Imlib | 1.9 |
| Enlightenment | Imlib2 | 1.0 |
| Imagemagick | Imagemagick | 5.3.3 |
| Sun | Java Desktop System | 2.0 |
| Conectiva | Linux | 9.0 |
| Mandrakesoft | Mandrake Linux | 9.2 |
| Mandrakesoft | Mandrake Linux Corporate Server | 2.1 |
| Redhat | Enterprise Linux | 2.1 |
| Redhat | Enterprise Linux Desktop | 3.0 |
| Redhat | Fedora Core | core_1.0 |
| Redhat | Linux Advanced Workstation | 2.1 |
| Suse | Suse Linux | 8.0 |
| Turbolinux | Turbolinux Desktop | 10.0 |
| Turbolinux | Turbolinux Server | 7.0 |
| Turbolinux | Turbolinux Workstation | 7.0 |
| Ubuntu | Ubuntu Linux | 4.1 |
References
- http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?re
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
- http://www.gentoo.org/security/en/glsa/glsa-200409-12.xmlPatchVendor Advisory
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089
- http://www.securityfocus.com/bid/11084Patch
- http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17183
- http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?re
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
- http://www.gentoo.org/security/en/glsa/glsa-200409-12.xmlPatchVendor Advisory
- http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089
- http://www.securityfocus.com/bid/11084Patch
- http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.htmlVendor Advisory
FAQ
What is CVE-2004-0802?
CVE-2004-0802 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
How severe is CVE-2004-0802?
CVE-2004-0802 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0802?
Check the references section above for vendor advisories and patch information. Affected products include: Enlightenment Imlib, Enlightenment Imlib2, Imagemagick Imagemagick, Sun Java Desktop System, Conectiva Linux.