Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD3D1E9267-073F-11D9-B45D-000C41E2CDAD
HistorySep 15, 2004 - 12:00 a.m.

gdk-pixbuf -- image decoding vulnerabilities

2004-09-1500:00:00
vuxml.freebsd.org
12

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.305 Low

EPSS

Percentile

96.9%

JSON

Chris Evans discovered several flaws in the gdk-pixbuf
XPM image decoder:

Heap-based overflow in pixbuf_create_from_xpm
Stack-based overflow in xpm_extract_color
Integer overflows in io-ico.c

Some of these flaws are believed to be exploitable.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchlinux-gdk-pixbuf< 0.22.0.11.3.5UNKNOWN
FreeBSDanynoarchgtk= 2.0UNKNOWN
FreeBSDanynoarchgtk< 2.4.9_1UNKNOWN
FreeBSDanynoarchgdk-pixbuf< 0.22.0_2UNKNOWN

Related

openvas 12
osv 2
debian 4
nessus 16
gentoo 1
cert 4
securityvulns 2
redhat 2
checkpoint_advisories 1
cve 3
debiancve 3
ubuntucve 3
freebsd 1
suse 2
openvas
openvas
SLES9: Security update for gdk-pixbuf
2009-10-10 00:00:00
SLES9: Security update for GTK
2009-10-10 00:00:00
Debian Security Advisory DSA 549-1 (gtk+2.0)
2008-01-17 00:00:00
osv
osv
gtk+2.0 - multiple holes
2004-09-17 00:00:00
gdk-pixbuf - several vulnerabilities
2004-09-16 00:00:00
debian
debian
[SECURITY] [DSA 549-1] New gtk+2.0 packages fix several vulnerabilities
2004-09-17 09:25:18
[SECURITY] [DSA 549-1] New gtk+2.0 packages fix several vulnerabilities
2004-09-17 09:25:18
[SECURITY] [DSA 546-1] New gdk-pixbuf packages fix several vulnerabilities
2004-09-16 09:02:33
nessus
nessus
Debian DSA-549-1 : gtk+ - several vulnerabilities
2004-09-29 00:00:00
SuSE9 Security Update : gdk-pixbuf (YOU Patch Number 9368)
2009-09-24 00:00:00
SUSE-SA:2004:033: gtk2, gdk-pixbuf
2004-09-17 00:00:00
gentoo
gentoo
GTK+ 2, gdk-pixbuf: Multiple image decoding vulnerabilities
2004-09-21 00:00:00
cert
cert
GdkPixbuf XPM parser contains a heap overflow vulnerability
2004-10-01 00:00:00
GdkPixbuf BMP parser may enter an infinite loop
2004-10-01 00:00:00
GdkPixbuf ICO parser contains an integer overflow vulnerability
2004-10-01 00:00:00
securityvulns
securityvulns
CESA-2004-005: gtk+ XPM decoder
2004-09-16 00:00:00
CESA-2004-004: libXpm
2004-09-16 00:00:00
redhat
redhat
(RHSA-2004:466) gtk2 security update
2004-09-15 00:00:00
(RHSA-2004:447) gdk-pixbuf security update
2004-09-15 00:00:00
checkpoint_advisories
checkpoint_advisories
CVS File Existence Information Disclosure (CVE-2004-0788)
2009-10-14 00:00:00
cve
cve
CVE-2004-0788
2004-10-20 04:00:00
CVE-2004-0782
2004-10-20 04:00:00
CVE-2004-0783
2004-10-20 04:00:00
debiancve
debiancve
CVE-2004-0788
2004-10-20 04:00:00
CVE-2004-0782
2004-10-20 04:00:00
CVE-2004-0783
2004-10-20 04:00:00
ubuntucve
ubuntucve
CVE-2004-0788
2004-10-20 00:00:00
CVE-2004-0782
2004-10-20 00:00:00
CVE-2004-0783
2004-10-20 00:00:00
freebsd
freebsd
imlib -- xpm heap buffer overflows and integer overflows
2004-12-06 00:00:00
suse
suse
remote code execution in gtk2, gdk-pixbuf
2004-09-17 10:02:50
remote denial-of-service in apache2
2004-09-15 15:46:39

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.305 Low

EPSS

Percentile

96.9%

JSON
Related for 3D1E9267-073F-11D9-B45D-000C41E2CDAD
openvas12osv2debian4nessus16gentoo1cert4securityvulns2redhat2checkpoint_advisories1cve3debiancve3ubuntucve3freebsd1suse2