Vulnerability Details CVE-2007-2459
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.057
EPSS Ranking 90.0%
CVSS Severity
CVSS v2 Score 7.8
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://imager.perl.org/a/65.html
- http://osvdb.org/35470
- http://osvdb.org/39846
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://www.vupen.com/english/advisories/2007/1587
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://imager.perl.org/a/65.html
- http://osvdb.org/35470
- http://osvdb.org/39846
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://www.vupen.com/english/advisories/2007/1587
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
Products affected by CVE-2007-2459
-
cpe:2.3:a:tony_cook:imager:0.44
-
cpe:2.3:a:tony_cook:imager:0.44_1
-
cpe:2.3:a:tony_cook:imager:0.45
-
cpe:2.3:a:tony_cook:imager:0.45_2
-
cpe:2.3:a:tony_cook:imager:0.46
-
cpe:2.3:a:tony_cook:imager:0.47
-
cpe:2.3:a:tony_cook:imager:0.48
-
cpe:2.3:a:tony_cook:imager:0.49
-
cpe:2.3:a:tony_cook:imager:0.50
-
cpe:2.3:a:tony_cook:imager:0.51
-
cpe:2.3:a:tony_cook:imager:0.52
-
cpe:2.3:a:tony_cook:imager:0.53
-
cpe:2.3:a:tony_cook:imager:0.54
-
cpe:2.3:a:tony_cook:imager:0.55
-
cpe:2.3:a:tony_cook:imager:0.56