Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:49
Type | Values Removed | Values Added |
---|---|---|
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=109528994916275&w=2 - Third Party Advisory | |
References | () http://scary.beasts.org/security/CESA-2004-005.txt - Third Party Advisory | |
References | () http://secunia.com/advisories/17657 - Broken Link | |
References | () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1 - Third Party Advisory | |
References | () http://www.kb.cert.org/vuls/id/369358 - Third Party Advisory, US Government Resource | |
References | () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095 - Third Party Advisory | |
References | () http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2004-447.html - Patch, Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2004-466.html - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/419771/100/0/threaded - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/11195 - Third Party Advisory, VDB Entry | |
References | () https://bugzilla.fedora.us/show_bug.cgi?id=2005 - Issue Tracking | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17385 - Third Party Advisory, VDB Entry | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786 - Broken Link | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348 - Broken Link |
11 Aug 2023, 20:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gtk:gtk\+:2.0.6:*:*:*:*:*:*:* cpe:2.3:a:gtk:gtk\+:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:gtk:gtk\+:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:gtk:gtk\+:2.2.1:*:*:*:*:*:*:* |
cpe:2.3:a:gnome:gtk:2.2.1:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.2.4:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:gnome:gtk:2.0.6:*:*:*:*:*:*:* |
CWE | CWE-787 | |
References | (CERT-VN) http://www.kb.cert.org/vuls/id/369358 - Third Party Advisory, US Government Resource | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=109528994916275&w=2 - Third Party Advisory | |
References | (MISC) http://scary.beasts.org/security/CESA-2004-005.txt - Third Party Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17385 - Third Party Advisory, VDB Entry | |
References | (CONECTIVA) http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875 - Third Party Advisory | |
References | (FEDORA) http://www.securityfocus.com/archive/1/419771/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (SUNALERT) http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1 - Third Party Advisory | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 - Broken Link | |
References | (FEDORA) https://bugzilla.fedora.us/show_bug.cgi?id=2005 - Issue Tracking | |
References | (MANDRAKE) http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095 - Third Party Advisory | |
References | (MANDRAKE) http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096 - Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348 - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/11195 - Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/17657 - Broken Link | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786 - Broken Link | |
First Time |
Gnome gtk
|
Information
Published : 2004-10-20 04:00
Updated : 2024-11-20 23:49
NVD link : CVE-2004-0783
Mitre link : CVE-2004-0783
CVE.ORG link : CVE-2004-0783
JSON object : View
Products Affected
gnome
- gtk
- gdkpixbuf
CWE
CWE-787
Out-of-bounds Write