Ubuntu USN-697-1 (imlib2) Network Vulnerability

Summary

The remote host is missing an update to imlib2 announced via advisory USN-697-1.

Solution

The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libimlib2 1.2.1-2ubuntu0.4 Ubuntu 7.10: libimlib2 1.3.0.0debian1-4ubuntu0.2 Ubuntu 8.04 LTS: libimlib2 1.4.0-1ubuntu1.2 After a standard system upgrade you need to restart any applications that use Imlib2 to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-697-1

Insight

It was discovered that Imlib2 did not correctly handle certain malformed XPM and PNG images. If a user were tricked into opening a specially crafted image with an application that uses Imlib2, an attacker could cause a denial of service and possibly execute arbitrary code with the user's privileges.

Severity

Classification

CVE	CVE-2007-3372, CVE-2008-2237, CVE-2008-2238, CVE-2008-2426, CVE-2008-2434, CVE-2008-4242, CVE-2008-4577, CVE-2008-4844, CVE-2008-4870, CVE-2008-4937, CVE-2008-5027, CVE-2008-5081, CVE-2008-5140, CVE-2008-5312, CVE-2008-5313

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities