Vulnerability Details CVE-2008-5262
Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 80.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/33470
- http://secunia.com/advisories/33637
- http://secunia.com/advisories/33801
- http://secunia.com/secunia_research/2008-59/
- http://www.debian.org/security/2009/dsa-1717
- http://www.securityfocus.com/bid/33231
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00845.html
- http://secunia.com/advisories/33470
- http://secunia.com/advisories/33637
- http://secunia.com/advisories/33801
- http://secunia.com/secunia_research/2008-59/
- http://www.debian.org/security/2009/dsa-1717
- http://www.securityfocus.com/bid/33231
- https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00845.html
Products affected by CVE-2008-5262
-
cpe:2.3:a:devil:developers_image_library:1.7.4