CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
88.5%
Secunia reports:
A vulnerability has been discovered in imlib2, which can
be exploited by malicious people to potentially compromise
an application using the library.
The vulnerability is caused due to a pointer arithmetic
error within the “load()” function provided by the XPM
loader. This can be exploited to cause a heap-based buffer
overflow via a specially crafted XPM file.
Successful exploitation may allow execution of arbitrary
code.