7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.305 Low
EPSS
Percentile
96.9%
A stack overflow vulnerability exists in the XPM handling of GdkPixbuf. This vulnerability can lead to a denial-of-service condition or execution of arbitrary code.
GdkPixbuf is a library used by GTK+ 2 for loading and rendering images. GTK+ is a multi-platform toolkit for creating graphical user interfaces. It is used by the Gnome desktop and other applications. GdkPixbuf contains a stack overflow vulnerability in the xpm_extract_color()
function of the XPM loading routine.
By convincing the user to open a specially crafted XPM file, an attacker could cause a denial of service by crashing the application that uses GdkPixbuf. It may also be possible to execute arbitrary code with the permissions of that application.
Apply a patch from your vendor
For vendor-specific information regarding vulnerable status and patch availability, please see the vendor section of this document.
Upgrade your version of gtk+
Upgrade your system as specified by your vendor. If you need to compile the software from the original source, get gtk+ 2.4.10.
369358
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: September 17, 2004 Updated: January 31, 2005
Not Affected
Mac OS X and Mac OS X Server do not contain the software described in this vulnerability note.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 28, 2004
Not Affected
HI-UX/WE2 is NOT Vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
Notified: September 17, 2004 Updated: September 20, 2004
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
We have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23369358 Feedback>).
View all 35 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Chris Evans for reporting this vulnerability.
This document was written by Will Dormann.
CVE IDs: | CVE-2004-0783 |
---|---|
Severity Metric: | 8.86 Date Public: |