CVE-2004-1026

11 documents9 sources

Severity

10.0CRITICAL

EPSS

2.7%

top 14.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Enlightenment Imlib Redhat Linux

Timeline

PublishedJan 10

Latest updateApr 29

Description

Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶Debianimlib2< 1.1.2-2.1+3

▶NVDenlightenment/imlib1.9.13, 1.9.14+1

▶NVDredhat/linux7.3, 9.0+1

Patches

Patch: www.redhat.com ↗Patch: www.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-82jg-xfmw-x3pg: Multiple integer overflows in the image handler for imlib 1↗2022-04-29

▶

OSV

CVE-2004-1026: Multiple integer overflows in the image handler for imlib 1↗2005-01-10

▶

CVEList

CVE-2004-1026: Multiple integer overflows in the image handler for imlib 1↗2004-12-10

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Internet Explorer - URL Injection in History List (MS04-004)↗2004-02-04

▶

📋Vendor Advisories

Ubuntu

imlib2 vulnerabilities↗2005-01-07

▶

Ubuntu

imlib vulnerabilities↗2004-12-29

▶

Red Hat

security flaw↗2004-09-16

▶

Debian

CVE-2004-1026: imlib2 - Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, wh...↗2004

▶

💬Community

Bugzilla

CVE-2004-1026 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-1025, CVE-2004-1026: imlib integer/buffer overflows↗2007-04-05

▶