mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
246 lines
7.8 KiB
JSON
246 lines
7.8 KiB
JSON
{
|
|
"id": "CVE-2007-2459",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-05-02T18:19:00.000",
|
|
"lastModified": "2024-11-21T00:30:50.530",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el lector BMP (bmp.c) en el m\u00f3dulo perl Imager (libimager-perl) versiones 0.45 hasta 0.56, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario por medio de archivos especialmente dise\u00f1ados BMP comprimidos de 8-bit/pixel."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"baseScore": 7.8,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.44:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5D5C7CF3-5865-4709-9C8E-52C66E171642"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.44_1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7C2EBA3A-E39A-4568-B84C-7E2F27D9E3E5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.45:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "34213F75-A363-4282-99C6-3BE1D58EAA1E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.45_2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AD701807-DC28-436C-82C9-1EF60E2E9BF8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.46:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3A41E84-908A-49F5-AF62-A9079DA44967"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.47:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EC22102-E019-430D-B916-68648A755C64"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.48:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "108D694E-777E-4BBD-BE06-B0091FEBD6DA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.49:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "693E747D-B315-4272-A221-40BFEE97A2A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.50:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D9B04F9B-1ED2-462D-9CBF-1424BB7EA801"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.51:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6F6BFC1-3831-44BE-ABF6-EBF98B09C6EB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.52:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ECAD9361-DD3F-4B6D-84F3-07EC7F6B4D9E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.53:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D1E4C0A0-89C0-42DC-A722-BE7698F595E4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.54:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2074080-1D18-4EC4-9DF1-DB82EB28A508"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.55:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0E413A2B-2F3D-4B16-9C79-356828586DD8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:tony_cook:imager:0.56:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C1728224-E2AA-452D-8DAD-E6B4DE9B912D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://imager.perl.org/a/65.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/35470",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/39846",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=26811",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/25038",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/28868",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2008/dsa-1498",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/23711",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/1587",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34010",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=421582",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://imager.perl.org/a/65.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/35470",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://osvdb.org/39846",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://rt.cpan.org/Public/Bug/Display.html?id=26811",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/25038",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/28868",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2008/dsa-1498",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/23711",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/1587",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34010",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |