Search
Find a vulnerability
Search criteria
4 vulnerabilities found for sdl_image by sdl
CVE-2008-0544 (GCVE-0-2008-0544)
Vulnerability from nvd – Published: 2008-02-01 19:41 – Updated: 2024-08-07 07:46
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2008-01-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27435",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27435"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28752"
},
{
"name": "sdlimage-imgloadlbmrw-bo(39899)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39899"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27435",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27435"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28752"
},
{
"name": "sdlimage-imgloadlbmrw-bo(39899)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39899"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27435"
},
{
"name": "28869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28752"
},
{
"name": "sdlimage-imgloadlbmrw-bo(39899)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39899"
},
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521"
},
{
"name": "https://issues.rpath.com/browse/RPL-2206",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=207933",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "29542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29542"
},
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup"
},
{
"name": "DSA-1493",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "28640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28640"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28830"
},
{
"name": "GLSA-200802-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "USN-595-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0544",
"datePublished": "2008-02-01T19:41:00.000Z",
"dateReserved": "2008-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:55.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6697 (GCVE-0-2007-6697)
Vulnerability from nvd – Published: 2008-02-01 19:41 – Updated: 2024-08-07 16:18
VLAI
EPSS
VEX
Summary
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2007-12-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462"
},
{
"name": "sdlimage-gif-bo(39865)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39865"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28752"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29542"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "27417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27417"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120110205511630\u0026w=2"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vexillium.org/?sec-sdlgif"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
},
{
"name": "28837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28837"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462"
},
{
"name": "sdlimage-gif-bo(39865)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39865"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28752"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29542"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "27417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27417"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120110205511630\u0026w=2"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vexillium.org/?sec-sdlgif"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
},
{
"name": "28837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28837"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462"
},
{
"name": "sdlimage-gif-bo(39865)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39865"
},
{
"name": "28869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28752"
},
{
"name": "https://issues.rpath.com/browse/RPL-2206",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=207933",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup"
},
{
"name": "29542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29542"
},
{
"name": "DSA-1493",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "27417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27417"
},
{
"name": "28640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28640"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28830"
},
{
"name": "20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=120110205511630\u0026w=2"
},
{
"name": "GLSA-200802-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "http://vexillium.org/?sec-sdlgif",
"refsource": "MISC",
"url": "http://vexillium.org/?sec-sdlgif"
},
{
"name": "USN-595-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
},
{
"name": "28837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28837"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6697",
"datePublished": "2008-02-01T19:41:00.000Z",
"dateReserved": "2008-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:18:20.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0544 (GCVE-0-2008-0544)
Vulnerability from cvelistv5 – Published: 2008-02-01 19:41 – Updated: 2024-08-07 07:46
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
21 references
Date Public
2008-01-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27435",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27435"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28752"
},
{
"name": "sdlimage-imgloadlbmrw-bo(39899)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39899"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29542"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27435",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27435"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28752"
},
{
"name": "sdlimage-imgloadlbmrw-bo(39899)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39899"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29542"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27435"
},
{
"name": "28869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28752"
},
{
"name": "sdlimage-imgloadlbmrw-bo(39899)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39899"
},
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341\u0026r2=3521"
},
{
"name": "https://issues.rpath.com/browse/RPL-2206",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=207933",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "29542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29542"
},
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521\u0026view=markup"
},
{
"name": "DSA-1493",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "28640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28640"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28830"
},
{
"name": "GLSA-200802-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "USN-595-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0544",
"datePublished": "2008-02-01T19:41:00.000Z",
"dateReserved": "2008-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:55.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6697 (GCVE-0-2007-6697)
Vulnerability from cvelistv5 – Published: 2008-02-01 19:41 – Updated: 2024-08-07 16:18
VLAI
EPSS
VEX
Summary
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2007-12-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462"
},
{
"name": "sdlimage-gif-bo(39865)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39865"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28752"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29542"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "27417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27417"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120110205511630\u0026w=2"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vexillium.org/?sec-sdlgif"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
},
{
"name": "28837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28837"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462"
},
{
"name": "sdlimage-gif-bo(39865)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39865"
},
{
"name": "28869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28752"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup"
},
{
"name": "29542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29542"
},
{
"name": "DSA-1493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "27417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27417"
},
{
"name": "28640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28830"
},
{
"name": "20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=120110205511630\u0026w=2"
},
{
"name": "GLSA-200802-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vexillium.org/?sec-sdlgif"
},
{
"name": "USN-595-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
},
{
"name": "28837",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28837"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970\u0026r2=3462"
},
{
"name": "sdlimage-gif-bo(39865)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39865"
},
{
"name": "28869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28869"
},
{
"name": "28850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28850"
},
{
"name": "FEDORA-2008-1208",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html"
},
{
"name": "28752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28752"
},
{
"name": "https://issues.rpath.com/browse/RPL-2206",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2206"
},
{
"name": "FEDORA-2008-1231",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00039.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=207933",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=207933"
},
{
"name": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462\u0026view=markup"
},
{
"name": "29542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29542"
},
{
"name": "DSA-1493",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1493"
},
{
"name": "27417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27417"
},
{
"name": "28640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28640"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0061",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0061"
},
{
"name": "20080213 rPSA-2008-0061-1 SDL_image",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488079/100/0/threaded"
},
{
"name": "28830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28830"
},
{
"name": "20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=120110205511630\u0026w=2"
},
{
"name": "GLSA-200802-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml"
},
{
"name": "http://vexillium.org/?sec-sdlgif",
"refsource": "MISC",
"url": "http://vexillium.org/?sec-sdlgif"
},
{
"name": "USN-595-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-595-1"
},
{
"name": "ADV-2008-0266",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0266"
},
{
"name": "MDVSA-2008:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:040"
},
{
"name": "28837",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28837"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6697",
"datePublished": "2008-02-01T19:41:00.000Z",
"dateReserved": "2008-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:18:20.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}