Gtk@* Security Vulnerabilities and Issues — Gtk@* CVE List

Lucene search

GnomeGtk*

11 matches found

CVE•added 2004/10/20 4:0 a.m.•66 views

CVE-2004-0788

Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.

5CVSS7.2AI score0.1293EPSS

CVE•added 2005/11/18 11:0 a.m.•66 views

CVE-2005-2976

Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.

7.5CVSS7.9AI score0.02224EPSS

CVE•added 2005/11/18 11:0 a.m.•61 views

CVE-2005-2975

io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.

7.8CVSS7.1AI score0.1189EPSS

CVE•added 2011/09/06 3:55 p.m.•61 views

CVE-2010-4831

Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan horse Wintab32.dll file in the current working directory.

6.9CVSS6.3AI score0.00151EPSS

CVE•added 2004/10/20 4:0 a.m.•60 views

CVE-2004-0753

The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.

5CVSS7.1AI score0.1204EPSS

CVE•added 2015/01/16 4:59 p.m.•54 views

CVE-2014-1949

GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.

7.2CVSS6.3AI score0.00037EPSS

CVE•added 2005/05/02 4:0 a.m.•53 views

CVE-2005-0372

Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.

5CVSS6.3AI score0.04093EPSS

CVE•added 2007/01/24 7:28 p.m.•52 views

CVE-2007-0010

The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.

2.1CVSS5.9AI score0.00869EPSS

CVE•added 2011/09/06 3:55 p.m.•51 views

CVE-2010-4833

Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 allows local users to gain privileges via a Trojan horse uxtheme.dll file in the current working directory, a different vulnerability than CVE-2010-4831.

9.3CVSS6.4AI score0.00304EPSS

CVE•added 2005/05/02 4:0 a.m.•50 views

CVE-2005-0891

Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.

7.5CVSS7.1AI score0.02014EPSS

CVE•added 2010/03/19 7:30 p.m.•49 views

CVE-2010-0732

gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unatten...

6.2CVSS9.2AI score0.00041EPSS