CVE-2008-5262 Information

Description

Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.

Reference

http://secunia.com/advisories/33470 http://secunia.com/advisories/33637 http://secunia.com/advisories/33801 http://secunia.com/secunia_research/2008-59/ http://www.debian.org/security/2009/dsa-1717 http://www.securityfocus.com/bid/33231 https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00845.html