CVE-2004-1025

8 documents6 sources

Severity

10.0CRITICAL

EPSS

2.7%

top 14.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Enlightenment Imlib Redhat Linux

Timeline

PublishedJan 10

Latest updateApr 29

Description

Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDenlightenment/imlib1.9.13, 1.9.14+1

▶NVDredhat/linux7.3, 9.0+1

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-2m2j-pxw7-8gwq: Multiple heap-based buffer overflows in imlib 1↗2022-04-29

▶

CVEList

CVE-2004-1025: Multiple heap-based buffer overflows in imlib 1↗2004-12-15

▶

📋Vendor Advisories

Ubuntu

imlib2 vulnerabilities↗2005-01-07

▶

Ubuntu

imlib vulnerabilities↗2004-12-29

▶

Red Hat

security flaw↗2004-09-16

▶

💬Community

Bugzilla

CVE-2004-1025 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-1025, CVE-2004-1026: imlib integer/buffer overflows↗2007-04-05

▶