CVE-2008-5187

CWE-119Buffer Overflow8 documents8 sources
Severity
7.5HIGH
EPSS
2.0%
top 16.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Enlightenment Imlib2
Timeline
PublishedNov 21
Latest updateMay 17

Description

The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debianimlib2< 1.4.0-1.2+3

🔴Vulnerability Details

3
GHSA
GHSA-793h-w8mx-wf86: The load function in the XPM loader for imlib2 12022-05-17
OSV
CVE-2008-5187: The load function in the XPM loader for imlib2 12008-11-21
CVEList
CVE-2008-5187: The load function in the XPM loader for imlib2 12008-11-21

📋Vendor Advisories

3
Ubuntu
Imlib2 vulnerability2008-12-02
Red Hat
imilb2: pointer arithmetic flaw in XPM loader2008-11-14
Debian
CVE-2008-5187: imlib2 - The load function in the XPM loader for imlib2 1.4.2, and possibly other version...2008

💬Community

1
Bugzilla
CVE-2008-5187 imilb2: pointer arithmetic flaw in XPM loader2008-11-21
CVE-2008-5187 (HIGH CVSS 7.5) | The load function in the XPM loader | cvebase.io