Referenced CVEs:
CVE-2008-2426
Description:
===========================================================Ubuntu Security Notice USN-697-1 December 22, 2008imlib2 vulnerabilityCVE-2008-2426===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSThis advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libimlib2 1.2.1-2ubuntu0.4Ubuntu 7.10: libimlib2 1.3.0.0debian1-4ubuntu0.2Ubuntu 8.04 LTS: libimlib2 1.4.0-1ubuntu1.2After a standard system upgrade you need to restart any applications thatuse Imlib2 to effect the necessary changes.Details follow:It was discovered that Imlib2 did not correctly handle certain malformed XPMand PNG images. If a user were tricked into opening a specially crafted imagewith an application that uses Imlib2, an attacker could cause a denial ofservice and possibly execute arbitrary code with the user's privileges.
More...