CVE-2004-0788

Integer overflow in the ICO image decoder for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted ICO file...

CVE-2004-0788

Integer overflow in the ICO image decoder for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted ICO file...

CVE-2004-0783

Stack-based buffer overflow in xpmextractcolor io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in a...

CVE-2004-0783

Stack-based buffer overflow in xpmextractcolor io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in a...

CVE-2004-1379

Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a 1 DVD or 2 MPEG subpicture header where the second field reuses RLE data from the end of the first field...

CESA-2004-005: gtk+ XPM decoder

CESA-2004-005 - rev 1 http://scary.beasts.org/security/CESA-2004-005.txt gtk+-2.4.4 XPM image decoder parsing flaws ========================================== Programs: gtk+, and any programs which use gtk+ to decode XPM files. For example, Evolution. Severity: Compromise of account used to brows...

security flaw

Stack-based buffer overflow in xpmextractcolor io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in a...

security flaw

Integer overflow in pixbufcreatefromxpm io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain ncol and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...

security flaw

Integer overflow in the ICO image decoder for 1 gdk-pixbuf before 0.22 and 2 gtk2 before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted ICO file...

Important: Red Hat Security Advisory: gdk-pixbuf security update

Updated gdk-pixbuf packages that fix several security flaws are now available. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. Updated 15th September 2004 Packages have been updated to correct a bug which caused the xpm loader to fail. During...

security flaw

Integer overflow in pixbufcreatefromxpm io-xpm.c in the XPM image decoder for gtk+ 2.4.4 gtk2 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain ncol and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+...

RHEL 3 : gtk2 (RHSA-2004:466)

Updated gtk2 packages that fix several security flaws and bugs are now available. The gtk2 package contains the GIMP ToolKit GTK+, a library for creating graphical user interfaces for the X Window System. During testing of a previously fixed flaw in Qt CVE-2004-0691, a flaw was discovered in the...

RHEL 2.1 / 3 : gdk-pixbuf (RHSA-2004:447)

Updated gdk-pixbuf packages that fix several security flaws are now available. The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. Updated 15th September 2004 Packages have been updated to correct a bug which caused the xpm loader to fail. During...

mozilla -- BMP decoder vulnerabilities

Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution...

CVE-2004-0644

The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding...

CVE-2004-0644

The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding...

CVE-2004-0644

The CVE-2004-0644 entry concerns MIT Kerberos 5 (krb5) 1.2.2–1.3.4, where the asn1buf_skiptail function in the ASN.1 decoder library allows remote attackers to cause a denial of service (infinite loop) via a specific BER encoding. Affected software includes the KDC and krb5 libraries; the impact ...

libxine -- DVD subpicture decoder heap overflow

A xine security announcement states: A heap overflow has been found in the DVD subpicture decoder of xine-lib. This can be used for a remote heap overflow exploit, which can, on some systems, lead to or help in executing malicious code with the permissions of the user running a xine-lib based med...

MIT krb5: Multiple vulnerabilities

Background MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. Description The implementation of the Key Distribution Center KDC and the MIT krb5 library contain double-free vulnerabilities, making client programs as we...

CVE-2004-0785

CVE-2004-0785 affects Gaim (pre-0.82). The advisory states multiple buffer overflows that allow remote attackers to cause denial of service and potentially execute arbitrary code via (1) RTF messages, (2) an excessively long hostname from DNS, or (3) an overly long URL not properly decoded. Produ...