ID CVE-2007-3568
Summary The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service (infinite loop) via a BMP image with a Bits Per Page (BPP) value of 0.
References
Vulnerable Configurations
  • cpe:2.3:a:imlib:imlib:1.9.15
CVSS
Base: 5.0 (as of 06-07-2007 - 14:52)
Impact:
Exploitability:
Access
Vector Complexity Authentication
NETWORK LOW NONE
Impact
Confidentiality Integrity Availability
NONE NONE PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4594.NASL
    description This update includes a fix for a denial-of-service issue (CVE-2007-3568) whereby an attacker who could get an imlib-using user to view a specially crafted BMP image could cause the user's CPU to go into an infinite loop. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 29810
    published 2007-12-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29810
    title Fedora 8 : imlib-1.9.15-6.fc8 (2007-4594)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-4561.NASL
    description This update includes a fix for a denial-of-service issue (CVE-2007-3568) whereby an attacker who could get an imlib-using user to view a specially crafted BMP image could cause the user's CPU to go into an infinite loop. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 29809
    published 2007-12-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29809
    title Fedora 7 : imlib-1.9.15-6.fc7 (2007-4561)
refmap via4
bid 24750
misc http://www.securiteam.com/unixfocus/5WP030UM0W.html
osvdb 39016
sectrack 1018332
xf dotclear-redacteur-xss(35325)
statements via4
  • contributor Vincent Danen
    lastmodified 2007-09-17
    organization Mandriva
    statement Mandriva does not consider bugs which result in a user-assisted crash of end user applications to be a security issue.
  • contributor Joshua Bressers
    lastmodified 2007-07-06
    organization Red Hat
    statement Red Hat does not consider bugs which result in a user-assisted crash of end user applications to be a security issue.
Last major update 29-10-2012 - 22:52
Published 05-07-2007 - 15:30
Last modified 28-07-2017 - 21:32