CVE-2008-5187
published 2008-11-21CVE-2008-5187: The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | imlib2 | < imlib2 1.4.0-1.2 (bookworm) | imlib2 1.4.0-1.2 (bookworm) |
| enlightenment | imlib2 | — | — |
| enlightenment | imlib2 | >= 0 < 1.4.0-1.2 | 1.4.0-1.2 |
| enlightenment | imlib2 | >= 0 < 1.4.0-1.2 | 1.4.0-1.2 |
| enlightenment | imlib2 | >= 0 < 1.4.0-1.2 | 1.4.0-1.2 |
| enlightenment | imlib2 | >= 0 < 1.4.0-1.2 | 1.4.0-1.2 |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.3CRITICAL