CVE-2008-6079

high

Description

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46037

http://www.vupen.com/english/advisories/2010/0803

http://www.vupen.com/english/advisories/2008/2898

http://www.securityfocus.com/bid/31880

http://www.debian.org/security/2010/dsa-2029

http://sourceforge.net/project/shownotes.php?release_id=634778

http://secunia.com/advisories/39340

http://secunia.com/advisories/32354

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576469

Details

Source: Mitre, NVD

Published: 2009-02-06

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.02822