Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=109528994916275&w=2 - Third Party Advisory | |
References | () http://scary.beasts.org/security/CESA-2004-005.txt - Third Party Advisory | |
References | () http://secunia.com/advisories/17657 - Broken Link | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1 - Third Party Advisory | |
References | () http://www.debian.org/security/2004/dsa-546 - Third Party Advisory | |
References | () http://www.kb.cert.org/vuls/id/729894 - Third Party Advisory, US Government Resource | |
References | () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2004-447.html - Patch, Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2004-466.html - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/419771/100/0/threaded - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/11195 - Third Party Advisory, VDB Entry | |
References | () https://bugzilla.fedora.us/show_bug.cgi?id=2005 - Issue Tracking | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17386 - Third Party Advisory, VDB Entry | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539 - Broken Link | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617 - Broken Link |
11 Aug 2023, 20:18
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gtk:gtk\+:2.0.6:*:*:*:*:*:*:* cpe:2.3:a:gtk:gtk\+:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:gtk:gtk\+:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:gtk:gtk\+:2.2.1:*:*:*:*:*:*:* |
cpe:2.3:a:gnome:gtk:2.2.1:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.2.4:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.0.6:*:*:*:*:*:*:* |
First Time |
Gnome gtk
|
|
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=109528994916275&w=2 - Third Party Advisory | |
References | (MISC) http://scary.beasts.org/security/CESA-2004-005.txt - Third Party Advisory | |
References | (CONECTIVA) http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875 - Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617 - Broken Link | |
References | (FEDORA) http://www.securityfocus.com/archive/1/419771/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (DEBIAN) http://www.debian.org/security/2004/dsa-546 - Third Party Advisory | |
References | (SUNALERT) http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1 - Third Party Advisory | |
References | (FEDORA) https://bugzilla.fedora.us/show_bug.cgi?id=2005 - Issue Tracking | |
References | (MANDRAKE) http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095 - Third Party Advisory | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 - Broken Link | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539 - Broken Link | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17386 - Third Party Advisory, VDB Entry | |
References | (CERT-VN) http://www.kb.cert.org/vuls/id/729894 - Third Party Advisory, US Government Resource | |
References | (BID) http://www.securityfocus.com/bid/11195 - Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/17657 - Broken Link |
Information
Published : 2004-10-20 04:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0782
Mitre link : CVE-2004-0782
CVE.ORG link : CVE-2004-0782
JSON object : View
Products Affected
gnome
- gtk
- gdkpixbuf
CWE