VDB
CVE-2008-0544
CVE-2008-0544
PUBLISHED
CVSS 10 CRITICAL
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of these details are obtained from third party information.
EPSS 8.67% · 92.6th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
8.67%
92.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sdl | sdl_image | 1.2.6 |
| n/a | n/a | * |
Timeline
- Feb 1, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 27435 vdb
- 28869 third-party-advisory
- 28850 third-party-advisory
- FEDORA-2008-1208 vendor-advisory
- 28752 third-party-advisory
- sdlimage-imgloadlbmrw-bo(39899) vdb
- http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?r1=3341&r2=3521 url
- https://issues.rpath.com/browse/RPL-2206 url
- FEDORA-2008-1231 vendor-advisory
- http://bugs.gentoo.org/show_bug.cgi?id=207933 url
- 29542 third-party-advisory
- http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_lbm.c?revision=3521&view=markup url
- DSA-1493 vendor-advisory
- 28640 third-party-advisory
- http://wiki.rpath.com/Advisories:rPSA-2008-0061 url
- 20080213 rPSA-2008-0061-1 SDL_image mailing-list
- 28830 third-party-advisory
- GLSA-200802-01 vendor-advisory
- USN-595-1 vendor-advisory
- ADV-2008-0266 vdb
…and 2 more