Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib | 2.1.0.1 |
| enlightenment | imlib | 2.1.0.4 |
| michael_jennings | eterm | 0.9.1 |
| enlightenment | imlib | 2.0.01.0.0 |
| enlightenment | imlib | 2.1.0.3 |
| enlightenment | imlib | 2.1.0.2 |
Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib | 1.9.4 |
| enlightenment | imlib | 1.9.7 |
| enlightenment | imlib | 1.9.12 |
| enlightenment | imlib | 1.9.5 |
| enlightenment | imlib | 1.9.8 |
| enlightenment | imlib | 1.9.3 |
| enlightenment | imlib | 1.9.10 |
| enlightenment | imlib | 1.9.2 |
| enlightenment | imlib | 1.9.11 |
| enlightenment | imlib | 1.9.1 |
| enlightenment | imlib | 1.9 |
| enlightenment | imlib | 1.9.6 |
| enlightenment | imlib | 1.9.9 |
Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib | 1.9.4 |
| enlightenment | imlib | 1.9.7 |
| enlightenment | imlib | 1.9.12 |
| enlightenment | imlib | 1.9.5 |
| enlightenment | imlib | 1.9.8 |
| enlightenment | imlib | 1.9.3 |
| enlightenment | imlib | 1.9.10 |
| enlightenment | imlib | 1.9.2 |
| enlightenment | imlib | 1.9.11 |
| enlightenment | imlib | 1.9.1 |
| enlightenment | imlib | 1.9 |
| enlightenment | imlib | 1.9.6 |
| enlightenment | imlib | 1.9.9 |
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | java_desktop_system | 2.0 |
| enlightenment | imlib | 1.9.12 |
| turbolinux | turbolinux_workstation | 8.0 |
| turbolinux | turbolinux_server | 7.0 |
| enlightenment | imlib | 1.9.13 |
| enlightenment | imlib | 1.9.8 |
| suse | suse_linux | 8.2 |
| enlightenment | imlib | 1.9.10 |
| enlightenment | imlib | 1.9.2 |
| enlightenment | imlib2 | 1.1.1 |
| imagemagick | imagemagick | 5.4.4.5 |
| suse | suse_linux | 9.0 |
| mandrakesoft | mandrake_linux | 9.2 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| enlightenment | imlib2 | 1.0.4 |
| turbolinux | turbolinux_server | 8.0 |
| suse | suse_linux | 8.0 |
| enlightenment | imlib2 | 1.0.3 |
| enlightenment | imlib2 | 1.0.2 |
| imagemagick | imagemagick | 6.0.2 |
| enlightenment | imlib2 | 1.0.1 |
| enlightenment | imlib | 1.9.11 |
| enlightenment | imlib2 | 1.1 |
| imagemagick | imagemagick | 5.3.3 |
| imagemagick | imagemagick | 5.4.8.2.1.1.0 |
| suse | suse_linux | 9.2 |
| redhat | fedora_core | core_2.0 |
| enlightenment | imlib | 1.9.4 |
| redhat | enterprise_linux_desktop | 3.0 |
| imagemagick | imagemagick | 5.5.3.2.1.2.0 |
| suse | suse_linux | 8.1 |
| conectiva | linux | 9.0 |
| mandrakesoft | mandrake_linux | 10.0 |
| redhat | enterprise_linux | 3.0 |
| enlightenment | imlib2 | 1.0 |
| imagemagick | imagemagick | 5.5.7 |
| suse | suse_linux | 9.1 |
| enlightenment | imlib | 1.9 |
| sun | java_desktop_system | 2003 |
| turbolinux | turbolinux_desktop | 10.0 |
| ubuntu | ubuntu_linux | 4.1 |
| enlightenment | imlib | 1.9.6 |
| redhat | fedora_core | core_3.0 |
| enlightenment | imlib | 1.9.7 |
| redhat | linux_advanced_workstation | 2.1 |
| redhat | enterprise_linux | 2.1 |
| enlightenment | imlib | 1.9.5 |
| enlightenment | imlib | 1.9.14 |
| redhat | fedora_core | core_1.0 |
| enlightenment | imlib | 1.9.3 |
| conectiva | linux | 10.0 |
| imagemagick | imagemagick | 5.4.7 |
| imagemagick | imagemagick | 5.5.6.0_2003-04-09 |
| imagemagick | imagemagick | 5.4.8 |
| enlightenment | imlib | 1.9.1 |
| enlightenment | imlib2 | 1.0.5 |
| turbolinux | turbolinux_workstation | 7.0 |
| imagemagick | imagemagick | 5.4.3 |
| enlightenment | imlib | 1.9.9 |
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | java_desktop_system | 2.0 |
| enlightenment | imlib | 1.9.12 |
| turbolinux | turbolinux_workstation | 8.0 |
| turbolinux | turbolinux_server | 7.0 |
| enlightenment | imlib | 1.9.13 |
| enlightenment | imlib | 1.9.8 |
| suse | suse_linux | 8.2 |
| enlightenment | imlib | 1.9.10 |
| enlightenment | imlib | 1.9.2 |
| enlightenment | imlib2 | 1.1.1 |
| imagemagick | imagemagick | 5.4.4.5 |
| suse | suse_linux | 9.0 |
| mandrakesoft | mandrake_linux | 9.2 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| enlightenment | imlib2 | 1.0.4 |
| turbolinux | turbolinux_server | 8.0 |
| suse | suse_linux | 8.0 |
| enlightenment | imlib2 | 1.0.3 |
| enlightenment | imlib2 | 1.0.2 |
| imagemagick | imagemagick | 6.0.2 |
| enlightenment | imlib2 | 1.0.1 |
| enlightenment | imlib | 1.9.11 |
| enlightenment | imlib2 | 1.1 |
| imagemagick | imagemagick | 5.3.3 |
| imagemagick | imagemagick | 5.4.8.2.1.1.0 |
| suse | suse_linux | 9.2 |
| redhat | fedora_core | core_2.0 |
| enlightenment | imlib | 1.9.4 |
| redhat | enterprise_linux_desktop | 3.0 |
| imagemagick | imagemagick | 5.5.3.2.1.2.0 |
| suse | suse_linux | 8.1 |
| conectiva | linux | 9.0 |
| mandrakesoft | mandrake_linux | 10.0 |
| redhat | enterprise_linux | 3.0 |
| enlightenment | imlib2 | 1.0 |
| imagemagick | imagemagick | 5.5.7 |
| suse | suse_linux | 9.1 |
| enlightenment | imlib | 1.9 |
| sun | java_desktop_system | 2003 |
| turbolinux | turbolinux_desktop | 10.0 |
| ubuntu | ubuntu_linux | 4.1 |
| enlightenment | imlib | 1.9.6 |
| redhat | fedora_core | core_3.0 |
| enlightenment | imlib | 1.9.7 |
| redhat | linux_advanced_workstation | 2.1 |
| redhat | enterprise_linux | 2.1 |
| enlightenment | imlib | 1.9.5 |
| enlightenment | imlib | 1.9.14 |
| redhat | fedora_core | core_1.0 |
| enlightenment | imlib | 1.9.3 |
| conectiva | linux | 10.0 |
| imagemagick | imagemagick | 5.4.7 |
| imagemagick | imagemagick | 5.5.6.0_2003-04-09 |
| imagemagick | imagemagick | 5.4.8 |
| enlightenment | imlib | 1.9.1 |
| enlightenment | imlib2 | 1.0.5 |
| turbolinux | turbolinux_workstation | 7.0 |
| imagemagick | imagemagick | 5.4.3 |
| enlightenment | imlib | 1.9.9 |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | java_desktop_system | 2.0 |
| enlightenment | imlib | 1.9.12 |
| enlightenment | imlib | 1.9.13 |
| enlightenment | imlib | 1.9.8 |
| suse | suse_linux | 8.2 |
| enlightenment | imlib | 1.9.10 |
| enlightenment | imlib | 1.9.2 |
| enlightenment | imlib2 | 1.1.1 |
| imagemagick | imagemagick | 5.4.4.5 |
| suse | suse_linux | 9.0 |
| mandrakesoft | mandrake_linux | 9.2 |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 |
| enlightenment | imlib2 | 1.0.4 |
| suse | suse_linux | 8.0 |
| enlightenment | imlib2 | 1.0.3 |
| enlightenment | imlib2 | 1.0.2 |
| imagemagick | imagemagick | 6.0.2 |
| enlightenment | imlib2 | 1.0.1 |
| turbolinux | turbolinux | server_8.0 |
| turbolinux | turbolinux | desktop_10.0 |
| enlightenment | imlib | 1.9.11 |
| enlightenment | imlib2 | 1.1 |
| imagemagick | imagemagick | 5.3.3 |
| imagemagick | imagemagick | 5.4.8.2.1.1.0 |
| suse | suse_linux | 9.2 |
| redhat | fedora_core | core_2.0 |
| enlightenment | imlib | 1.9.4 |
| redhat | enterprise_linux_desktop | 3.0 |
| imagemagick | imagemagick | 5.5.3.2.1.2.0 |
| suse | suse_linux | 8.1 |
| turbolinux | turbolinux | workstation_8.0 |
| conectiva | linux | 9.0 |
| mandrakesoft | mandrake_linux | 10.0 |
| redhat | enterprise_linux | 3.0 |
| enlightenment | imlib2 | 1.0 |
| imagemagick | imagemagick | 5.5.7 |
| suse | suse_linux | 9.1 |
| turbolinux | turbolinux | server_7.0 |
| enlightenment | imlib | 1.9 |
| sun | java_desktop_system | 2003 |
| turbolinux | turbolinux | workstation_7.0 |
| ubuntu | ubuntu_linux | 4.1 |
| enlightenment | imlib | 1.9.6 |
| redhat | fedora_core | core_3.0 |
| enlightenment | imlib | 1.9.7 |
| redhat | linux_advanced_workstation | 2.1 |
| redhat | enterprise_linux | 2.1 |
| enlightenment | imlib | 1.9.5 |
| enlightenment | imlib | 1.9.14 |
| redhat | fedora_core | core_1.0 |
| enlightenment | imlib | 1.9.3 |
| conectiva | linux | 10.0 |
| imagemagick | imagemagick | 5.4.7 |
| imagemagick | imagemagick | 5.5.6.0_2003-04-09 |
| imagemagick | imagemagick | 5.4.8 |
| enlightenment | imlib | 1.9.1 |
| enlightenment | imlib2 | 1.0.5 |
| imagemagick | imagemagick | 5.4.3 |
| enlightenment | imlib | 1.9.9 |
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 7.3 |
| gentoo | linux | * |
| enlightenment | imlib | 1.9.14 |
| redhat | linux | 9.0 |
| enlightenment | imlib | 1.9.13 |
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 7.3 |
| gentoo | linux | * |
| enlightenment | imlib | 1.9.14 |
| redhat | linux | 9.0 |
| enlightenment | imlib | 1.9.13 |
Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | 1.4.3 |
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | enlightenment | * |
Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | enlightenment | * |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a GIF image without a colormap.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 8.0 |
| enlightenment | terminology | 0.7.0 |
Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 7.0 |
Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | * |
| debian | debian_linux | 8.0 |
| opensuse | opensuse | 13.2 |
| debian | debian_linux | 7.0 |
Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types (/usr/share/applications). The control sequence defers unknown file types to the handle_unknown_media() function, which executes xdg-open against the filename specified in the sequence. The use of xdg-open for all unknown file types allows executable file formats with a registered shared MIME type to be executed. An attacker can achieve remote code execution by introducing an executable file and a plain text file containing the control sequence through a fake software project (e.g., in Git or a tarball). When the control sequence is rendered (such as with cat), the executable file will be run.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | terminology | * |
modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | 1.6.0 |
enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | enlightenment | * |
An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | 1.9.1 |
An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | 1.9.1 |
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
Products Affected
| Vendor | Product | Version |
|---|---|---|
| enlightenment | imlib2 | 1.9.1 |