Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2004-0782

Published: 20/10/2004 Updated: 11/08/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Gdkpixbuf

Vulnerability Summary

Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and previous versions, and gdk-pixbuf prior to 0.22, allows remote malicious users to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).

Vulnerable Product Search on Vulmon Subscribe to Product

gnome gdkpixbuf 0.22

gnome gdkpixbuf 0.18

gnome gdkpixbuf 0.17

gnome gdkpixbuf 0.20

gnome gtk 2.0.2

gnome gtk 2.0.6

gnome gtk 2.2.1

gnome gtk 2.2.3

gnome gtk 2.2.4

Vendor Advisories

Red Hat: gdk-pixbuf security update
Synopsis gdk-pixbuf security update Type/Severity Security Advisory: Important Topic Updated gdk-pixbuf packages that fix several security flaws are now available Description The gdk-pixbuf package contains an image loading library used with theGNOME GUI desktop environment[Updated 15th S ...
Red Hat: gtk2 security update
Synopsis gtk2 security update Type/Severity Security Advisory: Important Topic Updated gtk2 packages that fix several security flaws and bugs are nowavailable Description The gtk2 package contains the GIMP ToolKit (GTK+), a library for creatinggraphical user interfaces for the X Window Sys ...
Debian Security Advisories: DSA-546-1 gdk-pixbuf -- several vulnerabilities
Chris Evans discovered several problems in gdk-pixbuf, the GdkPixBuf library used in Gtk It is possible for an attacker to execute arbitrary code on the victims machine Gdk-pixbuf for Gtk+12 is an external package For Gtk+20 it's part of the main gtk package The Common Vulnerabilities and Exposures Project identifies the following vulnerabili ...

References

NVD-CWE-Otherhttp://www.redhat.com/support/errata/RHSA-2004-447.htmlhttp://www.redhat.com/support/errata/RHSA-2004-466.htmlhttp://scary.beasts.org/security/CESA-2004-005.txthttp://www.debian.org/security/2004/dsa-546https://bugzilla.fedora.us/show_bug.cgi?id=2005http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095http://www.kb.cert.org/vuls/id/729894http://secunia.com/advisories/17657http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1http://www.securityfocus.com/bid/11195http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875http://www.mandriva.com/security/advisories?name=MDKSA-2005:214http://marc.info/?l=bugtraq&m=109528994916275&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/17386https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539http://www.securityfocus.com/archive/1/419771/100/0/threadedhttps://access.redhat.com/errata/RHSA-2004:447https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/729894
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook