Imager (libimager-perl) JPEG and TGA Image Denial-of-Service Vulnerability

Vulnerability ID: 1110020; Vulnerability type: Resource management error
Published: 2006-04-07; Updated: 2006-04-10
CVE ID: CVE-2006-0053; CNNVD-ID: CNNVD-200604-105
Platform: Linux; CVSS score: 2.6
|Vulnerability source
https://www.exploit-db.com/exploits/27581
https://www.securityfocus.com/bid/17415
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-105
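|Vulnerability details
An unspecified vulnerability exists in Imager (libimager-perl) versions before 5.0-1. It allows user-assisted attackers to cause a denial of service (segmentation fault) via a crafted 4-channel JPEG image.
|Exploit (EXP)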
source: http://www.securityfocus.com/bid/17415/info

The Perl Imager module is susceptible to a denial-of-service vulnerability. This issue is due to a failure of the software to properly handle unexpected image data.

Malformed image files may cause a crash in applications that use the affected Perl module, resulting in a denial-of-service condition.

Sample Perl code sufficient to demonstrate this issue is available:

perl -MImager -e 'my $im = Imager->new(xsize => 100, ysize=>100, channels => 4); $im->write(data=>\$foo, type=>"jpeg")'
|Affected products
Tony Cook Imager 0.49
Tony Cook Imager 0.48
Tony Cook Imager 0.47
Tony Cook Imager 0.45
Tony Cook Imager 0.43
Tony Cook Imager 0.42
Tony Cook Imager 0.4
|References

Source: BID
Name: 17415
Link: http://www.securityfocus.com/bid/17415
Source: VUPEN
Name: ADV-2006-1294
Link: http://www.frsirt.com/english/advisories/2006/1294
Source: DEBIAN
Name: DSA-1028
Link: http://www.debian.org/security/2006/dsa-1028
Source: SECUNIA
Name: 19577
Link: http://secunia.com/advisories/19577
Source: SECUNIA
Name: 19575
Link: http://secunia.com/advisories/19575
Source: XF
Name: imager-jpeg-tga-dos(25717)
Link: http://xforce.iss.net/xforce/xfdb/25717
Source: MISC
Link: http://rt.cpan.org/Public/Bug/Display.html?id=18397
Source: bugs.debian.org
Link: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359661