RHEL 2.1 / 3 : imlib (RHSA-2004:465)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

An updated imlib package that fixes several heap overflows is now

Imlib is an image loading and rendering library.

Several heap overflow flaws were found in the imlib BMP image handler.
An attacker could create a carefully crafted BMP file in such a way
that it could cause an application linked with imlib to execute
arbitrary code when the file was opened by a victim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0817 to this issue.

Users of imlib should update to this updated package which contains
backported patches and is not vulnerable to this issue.

See also :


Solution :

Update the affected imlib, imlib-cfgeditor and / or imlib-devel

Risk factor :

High / CVSS Base Score : 7.5

Family: Red Hat Local Security Checks

Nessus Plugin ID: 14735 ()

Bugtraq ID:

CVE ID: CVE-2004-0817

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial