First published: Fri Sep 17 2004(Updated: )
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Imlib | =1.9 | |
Imlib | =1.9.1 | |
Imlib | =1.9.2 | |
Imlib | =1.9.3 | |
Imlib | =1.9.4 | |
Imlib | =1.9.5 | |
Imlib | =1.9.6 | |
Imlib | =1.9.7 | |
Imlib | =1.9.8 | |
Imlib | =1.9.9 | |
Imlib | =1.9.10 | |
Imlib | =1.9.11 | |
Imlib | =1.9.12 | |
Imlib | =1.9.13 | |
Imlib | =1.9.14 | |
Enlightenment Imlib2 | =1.0 | |
Enlightenment Imlib2 | =1.0.1 | |
Enlightenment Imlib2 | =1.0.2 | |
Enlightenment Imlib2 | =1.0.3 | |
Enlightenment Imlib2 | =1.0.4 | |
Enlightenment Imlib2 | =1.0.5 | |
Enlightenment Imlib2 | =1.1 | |
Enlightenment Imlib2 | =1.1.1 | |
ImageMagick | =5.3.3 | |
ImageMagick | =5.4.3 | |
ImageMagick | =5.4.4.5 | |
ImageMagick | =5.4.7 | |
ImageMagick | =5.4.8 | |
ImageMagick | =5.4.8.2.1.1.0 | |
ImageMagick | =5.5.3.2.1.2.0 | |
ImageMagick | =5.5.6.0_2003-04-09 | |
ImageMagick | =5.5.7 | |
ImageMagick | =6.0.2 | |
Sun Java Desktop System | =2.0 | |
Sun Java Desktop System | =2003 | |
Conectiva Linux | =9.0 | |
Conectiva Linux | =10.0 | |
Mandrake Linux | =9.2 | |
Mandrake Linux | =9.2 | |
Mandrake Linux | =10.0 | |
Mandrake Linux | =10.0 | |
Mandriva Linux Corporate Server | =2.1 | |
Mandriva Linux Corporate Server | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Enterprise Linux | =3.0 | |
Red Hat Enterprise Linux | =3.0 | |
Red Hat Enterprise Linux | =3.0 | |
Red Hat Enterprise Linux Desktop | =3.0 | |
Red Hat Fedora Core | =core_1.0 | |
Red Hat Fedora Core | =core_2.0 | |
Red Hat Fedora Core | =core_3.0 | |
Red Hat Linux Advanced Workstation | =2.1 | |
Red Hat Linux Advanced Workstation | =2.1 | |
SUSE Linux | =8.0 | |
SUSE Linux | =8.0 | |
SUSE Linux | =8.1 | |
SUSE Linux | =8.2 | |
SUSE Linux | =9.0 | |
SUSE Linux | =9.0 | |
SUSE Linux | =9.1 | |
SUSE Linux | =9.2 | |
TurboLinux Desktop | =10.0 | |
Turbolinux Server | =7.0 | |
Turbolinux Server | =8.0 | |
Turbolinux Workstation | =7.0 | |
Turbolinux Workstation | =8.0 | |
Ubuntu Linux | =4.1 | |
Ubuntu Linux | =4.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-0817 has a high severity rating due to the potential for remote code execution through crafted BMP files.
To mitigate CVE-2004-0817, update to the latest version of Imlib or ImageMagick which contains fixes for the buffer overflow vulnerabilities.
Affected software includes various versions of Imlib and ImageMagick, particularly those listed with versions 1.0 and above.
Yes, CVE-2004-0817 can be exploited remotely through the use of specially crafted BMP files.
CVE-2004-0817 is classified as a heap-based buffer overflow vulnerability.