CVE-2007-2459

Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.

Link	Resource
http://imager.perl.org/a/65.html
http://rt.cpan.org/Public/Bug/Display.html?id=26811
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
http://www.debian.org/security/2008/dsa-1498
http://www.securityfocus.com/bid/23711
http://secunia.com/advisories/25038	Vendor Advisory
http://secunia.com/advisories/28868	Vendor Advisory
http://osvdb.org/39846
http://www.vupen.com/english/advisories/2007/1587
http://osvdb.org/35470
https://exchange.xforce.ibmcloud.com/vulnerabilities/34010

Configuration 1

cpe:2.3:a:tony_cook:imager:0.52:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.48:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.53:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.45:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.49:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.54:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.45_2:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.46:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.56:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.44_1:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.44:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.51:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.47:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.55:*:*:*:*:*:*:* cpe:2.3:a:tony_cook:imager:0.50:*:*:*:*:*:*:*

---

Published : 2007-05-02 06:19

Updated : 2017-07-29 01:31

---

NVD link : CVE-2007-2459

Mitre link : CVE-2007-2459

No products.

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer