The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. http://www.openwall.com/lists/oss-security/2008/11/20/5 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15 http://secunia.com/advisories/32796
imlib2-1.4.2-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/imlib2-1.4.2-2.fc10
imlib2-1.4.2-2.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/imlib2-1.4.2-2.fc9
imlib2-1.4.2-2.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/imlib2-1.4.2-2.fc8
imlib2-1.4.2-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
imlib2-1.4.2-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
imlib2-1.4.2-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F8/FEDORA-2008-10296 https://admin.fedoraproject.org/updates/F9/FEDORA-2008-10287 https://admin.fedoraproject.org/updates/f10/FEDORA-2008-10364
Upstream bug and SVN commit: http://bugzilla.enlightenment.org/show_bug.cgi?id=547 http://trac.enlightenment.org/e/changeset/37744/trunk/imlib2/src/modules/loaders/loader_xpm.c