Bug 238615 (CVE-2007-2413)

Summary: CVE-2007-2413: perl-Imager < 0.57 heap based buffer overflow
Product: [Fedora] Fedora Reporter: Ville Skyttä <ville.skytta>
Component: perl-ImagerAssignee: Steven Pritchard <steve>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: fedora-security-list, ghenry
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2413
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-05-02 19:29:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ville Skyttä 2007-05-01 20:09:43 UTC 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2413

"Heap-based buffer overflow in Imager before 0.57 allows remote attackers to
cause a denial of service (application abort) and possibly execute arbitrary
code via compressed 8-bit BMP files."

All distros currently at < 0.57.
Comment 1 Steven Pritchard 2007-05-01 23:10:53 UTC 
FC-5, FC-6, and devel are all building now.

Thanks for the heads-up.