CVE-2008-1928

CVSS V2 Medium 5 CVSS V3 None
Description
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels.
Overview
  • CVE ID
  • CVE-2008-1928
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2008-04-24T05:05:00
  • Last Modified Date
  • 2017-08-08T01:30:36
Weakness Enumerations
CWE URL
CWE-119 http://cwe.mitre.org/data/definitions/119.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:imager:imager:0.42:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.43:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.43_03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.44:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.44_01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.45:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.45_02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.46:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.47:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.48:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.49:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.49_01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.51:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.51_01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.51_02:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.51_03:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.53:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.55:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.56:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.57:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.58:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.59:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.60:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.61:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.62:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:imager:imager:0.63:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:N/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • NONE
  • Availability Impact
  • PARTIAL
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://rt.cpan.org/Public/Bug/Display.html?id=35324
http://imager.perl.org/i/release064/Imager_0_64
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00569.html
http://www.securityfocus.com/bid/28980
http://secunia.com/advisories/30030
http://secunia.com/advisories/30011
http://www.vupen.com/english/advisories/2008/1387/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41986
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2008-1928
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1928
History
Created Old Value New Value Data Type Notes
2022-05-10 09:08:04 Added to TrackCVE