Launchpad.net

CVE 2007-2459

Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.

Related bugs and status

CVE-2007-2459 (Candidate) is related to these bugs:

Bug #195688: [libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code

		In	Importance	Status
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Ubuntu)	Undecided	Invalid
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Debian)	Unknown	Fix Released
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Ubuntu Dapper)	Undecided	Won't Fix
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Ubuntu Edgy)	Undecided	Won't Fix
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Ubuntu Feisty)	Undecided	Won't Fix
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Ubuntu Gutsy)	Undecided	Invalid
195688	[libimager-perl] [CVE-2007-2459] buffer overflow which could allow the execution of arbitrary code	libimager-perl (Ubuntu Hardy)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://imager.perl.org...
CONFIRM: http://rt.cpan.org/Pub...
CONFIRM: http://bugs.debian.org...
DEBIAN: DSA-1498
BID: 23711
SECUNIA: 25038
SECUNIA: 28868
OSVDB: 39846
VUPEN: ADV-2007-1587
OSVDB: 35470
XF: imager-bmpfile-bo(34010)