FreeBSD : imlib2 -- BMP decoder buffer overflow (ba005226-fb5b-11d8-9837-000c41e2cdad)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Marcus Meissner discovered that imlib2's BMP decoder would crash when
loading the test BMP file created by Chris Evans for testing the
previous Qt vulnerability. There appear to be both a stack-based and
a heap-based buffer overflow, which are believed to be exploitable for
arbitrary code execution.

See also :

http://www.nessus.org/u?e72a2b6c
http://www.nessus.org/u?0f5f37b1

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 36768 (freebsd_pkg_ba005226fb5b11d89837000c41e2cdad.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0802
