Vulnerability Description
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Enlightenment | Imlib | 1.9.13 |
| Gentoo | Linux | All versions |
| Redhat | Linux | 7.3 |
References
- http://www.debian.org/security/2005/dsa-628
- http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:007
- http://www.redhat.com/support/errata/RHSA-2004-651.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11830Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.debian.org/security/2005/dsa-628
- http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:007
- http://www.redhat.com/support/errata/RHSA-2004-651.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/11830Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2004-1026?
CVE-2004-1026 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application cra...
How severe is CVE-2004-1026?
CVE-2004-1026 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1026?
Check the references section above for vendor advisories and patch information. Affected products include: Enlightenment Imlib, Gentoo Linux, Redhat Linux.