Oval Definition: oval:com.redhat.rhsa:def:20040651
Revision Date: 2004-12-23
Version: 503
Title: RHSA-2004:651: imlib security update (Moderate)
Description: The imlib packages contain an image loading and rendering library.

Pavel Kankovsky discovered several heap overflow flaws in the imlib image handler. An attacker could craft an image file that causes an application linked with imlib to execute arbitrary code when a victim opens the file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1025 to this issue.

Additionally, Pavel discovered several integer overflow flaws in the imlib image handler. An attacker could craft an image file that causes an application linked with imlib to execute arbitrary code or crash when a victim opens the file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1026 to this issue.

Users of imlib should update to these updated packages, which contain backported patches and are not vulnerable to these issues.
Family: unix
Class: patch
Status:
Reference(s): CVE-2004-1025
CVE-2004-1026
RHSA-2004:651-02
Platform(s): Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 3 is installed
  • AND Package Information
    • imlib-cfgeditor is earlier than 1:1.9.13-13.4
    • AND imlib-cfgeditor is signed with Red Hat master key
    • OR
    • imlib is earlier than 1:1.9.13-13.4
    • AND imlib is signed with Red Hat master key
    • OR
    • imlib-devel is earlier than 1:1.9.13-13.4
    • AND imlib-devel is signed with Red Hat master key