CVE-2007-2459

{"id": "CVE-2007-2459", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-05-02T18:19:00.000", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582", "source": "cve@mitre.org"}, {"url": "http://imager.perl.org/a/65.html", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/35470", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/39846", "source": "cve@mitre.org"}, {"url": "http://rt.cpan.org/Public/Bug/Display.html?id=26811", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25038", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28868", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2008/dsa-1498", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/23711", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1587", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34010", "source": "cve@mitre.org"}, {"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://imager.perl.org/a/65.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/35470", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/39846", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rt.cpan.org/Public/Bug/Display.html?id=26811", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25038", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/28868", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2008/dsa-1498", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/23711", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/1587", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34010", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el lector BMP (bmp.c) en el m\u00f3dulo perl Imager (libimager-perl) versiones 0.45 hasta 0.56, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario por medio de archivos especialmente dise\u00f1ados BMP comprimidos de 8-bit/pixel."}], "lastModified": "2024-11-21T00:30:50.530", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tony_cook:imager:0.44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D5C7CF3-5865-4709-9C8E-52C66E171642"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.44_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C2EBA3A-E39A-4568-B84C-7E2F27D9E3E5"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34213F75-A363-4282-99C6-3BE1D58EAA1E"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.45_2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD701807-DC28-436C-82C9-1EF60E2E9BF8"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3A41E84-908A-49F5-AF62-A9079DA44967"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC22102-E019-430D-B916-68648A755C64"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "108D694E-777E-4BBD-BE06-B0091FEBD6DA"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "693E747D-B315-4272-A221-40BFEE97A2A4"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9B04F9B-1ED2-462D-9CBF-1424BB7EA801"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.51:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6F6BFC1-3831-44BE-ABF6-EBF98B09C6EB"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECAD9361-DD3F-4B6D-84F3-07EC7F6B4D9E"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1E4C0A0-89C0-42DC-A722-BE7698F595E4"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.54:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2074080-1D18-4EC4-9DF1-DB82EB28A508"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.55:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E413A2B-2F3D-4B16-9C79-356828586DD8"}, {"criteria": "cpe:2.3:a:tony_cook:imager:0.56:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1728224-E2AA-452D-8DAD-E6B4DE9B912D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}