CVE-2008-0544 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Image

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents8 sources

Severity

10.0CRITICALNVD

EPSS

8.7%

top 7.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Sdl-image1.2 SDL Image

Timeline

PublishedFeb 1

Latest updateMay 1

Description

Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶debiandebian/sdl-image1.2< sdl-image1.2 1.2.6-3 (bookworm)

▶NVDsdl/sdl_image1.2.6

🔴Vulnerability Details

GHSA

GHSA-r37c-fgx7-q833: Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm↗2022-05-01

▶

OSV

CVE-2008-0544: Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm↗2008-02-01

▶

💥Exploits & PoCs

Exploit-DB

PyCrypto ARC2 Module - Remote Buffer Overflow↗2009-02-07

▶

📋Vendor Advisories

Ubuntu

SDL_image vulnerabilities↗2008-03-26

▶

Red Hat

SDL_image: ILBM image handlig buffer overflow↗2008-01-24

▶

Debian

CVE-2008-0544: sdl-image1.2 - Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_im...↗2008

▶

💬Community

Bugzilla

CVE-2008-0544 SDL_image: ILBM image handlig buffer overflow↗2008-01-29

▶