First published: Tue Nov 07 2006(Updated: )
Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Enlightenment Imlib2 | =1.3 | |
Enlightenment Imlib2 | =1.1.1 | |
Enlightenment Imlib2 | =1.0 | |
Enlightenment Imlib2 | =1.0.5 | |
Enlightenment Imlib2 | =1.2.2 | |
Enlightenment Imlib2 | =1.2.1 | |
Enlightenment Imlib2 | =1.0.2 | |
Enlightenment Imlib2 | =1.1 | |
Enlightenment Imlib2 | =1.0.3 | |
Enlightenment Imlib2 | =1.0.4 | |
Enlightenment Imlib2 | =1.0.1 | |
Enlightenment Imlib2 | =1.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-4806 is classified as a high severity vulnerability due to its potential to cause denial of service and possibly allow for arbitrary code execution.
To fix CVE-2006-4806, update to the latest version of Imlib2 that addresses this vulnerability.
CVE-2006-4806 affects various image file types including ARGB, PNG, LBM, JPEG, and TIFF.
Yes, CVE-2006-4806 can be exploited by remote attackers through specially crafted images.
Imlib2 versions 1.0, 1.1, and 1.3, including specific versions like 1.2.2 and 1.0.5, are vulnerable to CVE-2006-4806.