Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2007-2459

Published: 02/05/2007 Updated: 29/07/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Tony Cook

Vulnerability Summary

Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 up to and including 0.56 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.

Vulnerable Product Search on Vulmon Subscribe to Product

tony cook imager 0.44_1

tony cook imager 0.45

tony cook imager 0.52

tony cook imager 0.53

tony cook imager 0.44

tony cook imager 0.50

tony cook imager 0.51

tony cook imager 0.45_2

tony cook imager 0.46

tony cook imager 0.47

tony cook imager 0.54

tony cook imager 0.55

tony cook imager 0.48

tony cook imager 0.49

tony cook imager 0.56

Vendor Advisories

Debian CVElist Bug Report Logs: [CVE-2007-2459] buffer overflow when reading 8-bit compressed BMP files
Debian Bug report logs - #421582 [CVE-2007-2459] buffer overflow when reading 8-bit compressed BMP files Package: libimager-perl; Maintainer for libimager-perl is Debian Perl Group <pkg-perl-maintainers@listsaliothdebianorg>; Source for libimager-perl is src:libimager-perl (PTS, buildd, popcon) Reported by: Tony Cook < ...

References

CWE-119http://imager.perl.org/a/65.htmlhttp://rt.cpan.org/Public/Bug/Display.html?id=26811http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582http://www.debian.org/security/2008/dsa-1498http://www.securityfocus.com/bid/23711http://secunia.com/advisories/25038http://secunia.com/advisories/28868http://osvdb.org/39846http://www.vupen.com/english/advisories/2007/1587http://osvdb.org/35470https://exchange.xforce.ibmcloud.com/vulnerabilities/34010https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook