CVE-2007-2459
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
02/05/2007
Last modified:
09/04/2025
Description
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
Impact
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:tony_cook:imager:0.44:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.44_1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.45:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.45_2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.46:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.47:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.48:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.49:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.50:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.51:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.52:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.53:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.54:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.55:*:*:*:*:*:*:* | ||
| cpe:2.3:a:tony_cook:imager:0.56:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://imager.perl.org/a/65.html
- http://osvdb.org/35470
- http://osvdb.org/39846
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://www.vupen.com/english/advisories/2007/1587
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582
- http://imager.perl.org/a/65.html
- http://osvdb.org/35470
- http://osvdb.org/39846
- http://rt.cpan.org/Public/Bug/Display.html?id=26811
- http://secunia.com/advisories/25038
- http://secunia.com/advisories/28868
- http://www.debian.org/security/2008/dsa-1498
- http://www.securityfocus.com/bid/23711
- http://www.vupen.com/english/advisories/2007/1587
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34010