Vulnerability Name: CVE-2007-2459 (CCN-34010)

Assigned: 2007-04-30
Published: 2007-04-30
Updated: 2017-07-29
Summary: Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
CVSS v3 Severity: 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): Low
CVSS v2 Severity:
  7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
  5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
    Exploitability Metrics:
      Access Vector (AV): Network
      Access Complexity (AC): Low
      Authentication (Au): None
    Impact Metrics:
      Confidentiality (C): None
      Integrity (I): None
      Availability (A): Complete
  5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
  3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:
      Access Vector (AV): Network
      Access Complexity (AC): High
      Authentication (Au): None
    Impact Metrics:
      Confidentiality (C): Partial
      Integrity (I): Partial
      Availability (A): Partial
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:

Source: CONFIRM
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582

Source: MITRE
Type: CNA
CVE-2007-2413

Source: MITRE
Type: CNA
CVE-2007-2459

Source: CCN
Type: Imager Web page
Imager - News

Source: CONFIRM
Type: UNKNOWN
http://imager.perl.org/a/65.html

Source: OSVDB
Type: UNKNOWN
35470

Source: OSVDB
Type: UNKNOWN
39846

Source: CCN
Type: CPAN Bug #26811
BMP reader security issue

Source: CONFIRM
Type: UNKNOWN
http://rt.cpan.org/Public/Bug/Display.html?id=26811

Source: CCN
Type: SA25038
Imager 8Bit BMP File Parsing Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
25038

Source: SECUNIA
Type: Vendor Advisory
28868

Source: DEBIAN
Type: UNKNOWN
DSA-1498

Source: DEBIAN
Type: DSA-1498
libimager-perl -- buffer overflow

Source: CCN
Type: OSVDB ID: 35470
Imager 8Bit BMP File Parsing Overflow

Source: CCN
Type: OSVDB ID: 39846
Imager bmp.c read_4bit_bmp Function 4-bit/pixel BMP File Parsing Overflow

Source: BID
Type: UNKNOWN
23711

Source: CCN
Type: BID-23711
Imager 8 Bit BMP Heap Based Buffer Overflow Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2007-1587

Source: XF
Type: UNKNOWN
imager-bmpfile-bo(34010)

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:tony_cook:imager:0.44:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.44_1:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.45:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.45_2:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.46:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.47:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.48:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.49:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.50:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.51:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.52:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.53:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.54:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.55:*:*:*:*:*:*:*
  • OR cpe:/a:tony_cook:imager:0.56:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:7933 | P | DSA-1498 libimager-perl -- buffer overflow | 2014-06-23
oval:org.mitre.oval:def:20377 | P | DSA-1498-1 libimager-perl - buffer overflow | 2014-06-23
oval:org.debian:def:1498 | V | buffer overflow | 2008-02-19

    tony_cook imager 0.44
    tony_cook imager 0.44_1
    tony_cook imager 0.45
    tony_cook imager 0.45_2
    tony_cook imager 0.46
    tony_cook imager 0.47
    tony_cook imager 0.48
    tony_cook imager 0.49
    tony_cook imager 0.50
    tony_cook imager 0.51
    tony_cook imager 0.52
    tony_cook imager 0.53
    tony_cook imager 0.54
    tony_cook imager 0.55
    tony_cook imager 0.56