Description
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
References (11)
Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/35470
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39846
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1498
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23711
Various Sources x_refsource_confirm
http://imager.perl.org/a/65.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25038
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28868
Various Sources x_refsource_confirm
http://rt.cpan.org/Public/Bug/Display.html?id=26811
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1587
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
Scores
EPSS
0.0493
EPSS Percentile
91.1%
Details
CWE
CWE-119
Status
published
Products (15)
tony_cook/imager
0.44
tony_cook/imager
0.44_1
tony_cook/imager
0.45
tony_cook/imager
0.45_2
tony_cook/imager
0.46
tony_cook/imager
0.47
tony_cook/imager
0.48
tony_cook/imager
0.49
tony_cook/imager
0.50
tony_cook/imager
0.51
... and 5 more
Published
May 02, 2007
Tracked Since
Feb 18, 2026