CVE-2006-4808

10 documents9 sources

Severity

2.6LOW

EPSS

4.6%

top 10.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Enlightenment Imlib2

Timeline

PublishedNov 7

Latest updateMay 1

Description

Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶Debianimlib2< 1.3.0.0debian1-3+3

▶NVDenlightenment/imlib29 versions+8

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: www.ubuntu.com ↗

🔴Vulnerability Details

GHSA

GHSA-hcr5-cf9m-7gf4: Heap-based buffer overflow in loader_tga↗2022-05-01

▶

CVEList

CVE-2006-4808: Heap-based buffer overflow in loader_tga↗2006-11-07

▶

OSV

CVE-2006-4808: Heap-based buffer overflow in loader_tga↗2006-11-07

▶

💥Exploits & PoCs

Exploit-DB

phpBB lat2cyr Mod 1.0.1 - 'lat2cyr.php' Remote File Inclusion↗2006-10-13

▶

📋Vendor Advisories

Ubuntu

imlib2 vulnerabilities↗2006-11-03

▶

Debian

CVE-2006-4808: imlib2 - Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly ...↗2006

▶

Red Hat

CVE-2006-4808: Heap-based buffer overflow in loader_tga↗

▶

Red Hat

CVE-2006-4807: loader_tga↗

▶

💬Community

Bugzilla

CVE-2006-480[6-9] imlib2 multiple vulnerabilities↗2006-11-08

▶