FreeBSD : p5-Imager -- possibly exploitable buffer overflow (632c98be-aad2-4af2-849f-41a6862afd6a)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Imager 0.56 and all earlier versions with BMP support have a security
issue when reading compressed 8-bit per pixel BMP files where either a
compressed run of data or a literal run of data overflows the
scan-line.

Such an overflow causes a buffer overflow in a malloc() allocated
memory buffer, possibly corrupting the memory arena headers.

The effect depends on your system memory allocator, with glibc this
typically results in an abort, but with other memory allocators it may
be possible to cause local code execution.

See also :

https://rt.cpan.org/Public/Bug/Display.html?id=26811
http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html
http://www.nessus.org/u?55dc6bb0

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 25130 (freebsd_pkg_632c98beaad24af2849f41a6862afd6a.nasl)

Bugtraq ID:

CVE ID: CVE-2007-1942
CVE-2007-1943
CVE-2007-1946
CVE-2007-1948

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now