Launchpad.net

CVE 2008-0544

Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information.

Related bugs and status

CVE-2008-0544 (Candidate) is related to these bugs:

Bug #185782: Buffer overflow in GIF and IFF ILBM handling

		In	Importance	Status
185782	Buffer overflow in GIF and IFF ILBM handling	sdl-image1.2 (Ubuntu)	Medium	Fix Released
185782	Buffer overflow in GIF and IFF ILBM handling	sdl-image1.2 (Ubuntu Dapper)	Medium	Fix Released
185782	Buffer overflow in GIF and IFF ILBM handling	sdl-image1.2 (Ubuntu Edgy)	Medium	Fix Released
185782	Buffer overflow in GIF and IFF ILBM handling	sdl-image1.2 (Ubuntu Gutsy)	Medium	Fix Released
185782	Buffer overflow in GIF and IFF ILBM handling	sdl-image1.2 (Ubuntu Hardy)	Medium	Fix Released
185782	Buffer overflow in GIF and IFF ILBM handling	sdl-image1.2 (Ubuntu Feisty)	Medium	Fix Released

Bug #190484: please sync sdl-image1.2 (1.2.6-3) from unstable/main to main, ubuntu override ok

Summary				In	Importance	Status
	190484	please sync sdl-image1.2 (1.2.6-3) from unstable/main to main, ubuntu override ok		sdl-image1.2 (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 27435
SECUNIA: 28640
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200802-01
MANDRIVA: MDVSA-2008:040
SECUNIA: 28850
SECUNIA: 28830
FEDORA: FEDORA-2008-1208
FEDORA: FEDORA-2008-1231
SECUNIA: 28752
CONFIRM: http://wiki.rpath.com/...
CONFIRM: https://issues.rpath.c...
SECUNIA: 28869
UBUNTU: USN-595-1
SECUNIA: 29542
VUPEN: ADV-2008-0266
DEBIAN: DSA-1493
CONFIRM: http://www.libsdl.org/...
CONFIRM: http://www.libsdl.org/...
XF: sdlimage-imgloadlbmrw-...
BUGTRAQ: 20080213 rPSA-2008-006...