FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Imlib2 -- multiple image file processing vulnerabilities

Affected packages
imlib2 < 20060926_1,1

Details

VuXML ID 92442c4b-6f4a-11db-bd28-0012f06707f0
Discovery 2006-11-03
Entry 2006-11-08

Secunia reports:

Some vulnerabilities have been reported in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

The vulnerabilities are caused due to unspecified errors within the processing of JPG, ARGB, PNG, LBM, PNM, TIFF, and TGA images. This may be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted image file with an application using imlib2.

References

Bugtraq ID 20903
CVE Name CVE-2006-4806
CVE Name CVE-2006-4807
CVE Name CVE-2006-4808
CVE Name CVE-2006-4809