Solution
Please Install the Updated Packages.
Insight
The LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image contain a boundary error that could be triggered to cause a static buffer overflow and a heap-based buffer overflow. If a user using an application linked against the SDL_image library were to open a carefully crafted GIF or IFF ILBM file, the application could crash or possibly allow for the execution of arbitrary code.
The updated packages have been patched to correct this issue.
Affected
SDL_image on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64,
Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64,
Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64
Severity
Classification
-
CVE CVE-2007-6697, CVE-2008-0544 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities