Upstream information

CVE-2007-3568 at MITRE

Description

The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service (infinite loop) via a BMP image with a Bits Per Page (BPP) value of 0.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores (National Vulnerability Database)

Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Partial

SUSE Bugzilla entry: 291037 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s): SUSE Linux Enterprise Software Development Kit 11 SP4
Fixed package version(s):
  • imlib >= 1.9.14-401.20
  • imlib-32bit >= 1.9.14-401.20
  • imlib-config >= 1.9.14-401.20
  • imlib-devel >= 1.9.14-401.20
  • imlib-x86 >= 1.9.14-401.20
References:
  Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA imlib