Oval Definition:oval:org.opensuse.security:def:20085187
Revision Date:2022-06-30Version:1
Title:CVE-2008-5187
Description:

The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-5187
Mitre CVE-2008-5187
SUSE CVE-2008-5187
SUSE-SR:2009:002
SUSE-SR:2009:002
Platform(s):openSUSE 10.2
openSUSE 10.3
openSUSE 11.0
openSUSE Tumbleweed
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • imlib2-devel less than 1.2.1-17.16
  • OR imlib2-loaders less than 1.2.1-17.16
  • OR imlib2 less than 1.2.1-17.16
  • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • imlib2-1.4.2-2.18 is installed
  • OR imlib2-devel-1.4.2-2.18 is installed
  • OR imlib2-filters-1.4.2-2.18 is installed
  • OR imlib2-loaders-1.4.2-2.18 is installed
  • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • imlib2-1.7.1-1.6 is installed
  • OR imlib2-devel-1.7.1-1.6 is installed
  • OR imlib2-filters-1.7.1-1.6 is installed
  • OR imlib2-loaders-1.7.1-1.6 is installed
  • OR libImlib2-1-1.7.1-1.6 is installed
  • BACK