Bug 130908

Summary: CAN-2004-0817 heap overflow in BMP decoder
Product: [Fedora] Fedora Reporter: Josh Bressers <bressers>
Component: imlibAssignee: Jonathan Blandford <jrb>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 2CC: ddumas, redhat-bugzilla
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-09-09 20:40:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josh Bressers 2004-08-25 18:32:30 UTC 
A heap overflow issue has been discovered in the imlib BMP decoder. 
This issue deals with overflowing the color palette.

It may be possible for this overflow to allow an attacker to execute
malicious code.

The demo image is attachment 102533 [details].

This issue is also documented in the gnome BTS
http://bugzilla.gnome.org/show_bug.cgi?id=151034

This issue also affects FC1
Comment 1 Josh Bressers 2004-09-09 20:40:04 UTC 
This has been pushed.