CVE-2002-0167

Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php
http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html
http://www.redhat.com/support/errata/RHSA-2002-048.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/4339
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php
http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html
http://www.redhat.com/support/errata/RHSA-2002-048.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/4339

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:enlightenment:imlib:1.9:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.1:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.2:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.3:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.4:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.5:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.6:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.7:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.8:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.9:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.10:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.11:::::::*
	cpe:2.3:a:enlightenment:imlib:1.9.12:::::::*

History

20 Nov 2024, 23:38

Type	Values Removed	Values Added
References	~~() ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt -~~	() ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt -
References	~~() http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470 -~~	() http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470 -
References	~~() http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php -~~	() http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php -
References	~~() http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html -~~	() http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html -
References	~~() http://www.redhat.com/support/errata/RHSA-2002-048.html - Patch, Vendor Advisory~~	() http://www.redhat.com/support/errata/RHSA-2002-048.html - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/4339 -~~	() http://www.securityfocus.com/bid/4339 -

Information

Published : 2002-04-22 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-0167

Mitre link : CVE-2002-0167

CVE.ORG link : CVE-2002-0167

JSON object : View

Products Affected

enlightenment

imlib

CWE

NVD-CWE-Other

{"id": "CVE-2002-0167", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2002-04-22T04:00:00.000", "references": [{"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt", "source": "cve@mitre.org"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470", "source": "cve@mitre.org"}, {"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-048.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4339", "source": "cve@mitre.org"}, {"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-019.0.txt", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000470", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-029.php", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.novell.com/linux/security/advisories/2002_015_imlib_txt.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2002-048.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/4339", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM."}, {"lang": "es", "value": "Imlib anteriores a 1.9.13 a veces usa el paquete NetPBM para cargar im\u00e1genes de confianza, lo que podr\u00eda permitir a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario mediante ciertas debilidades de NetPBM."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E"}, {"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

7.5 /10