Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2004-0783

Published: 20/10/2004 Updated: 11/08/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Gnome

Vulnerability Summary

Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and previous versions, and gdk-pixbuf prior to 0.22, may allow remote malicious users to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).

Vulnerable Product Search on Vulmon Subscribe to Product

gnome gdkpixbuf 0.22

gnome gdkpixbuf 0.18

gnome gdkpixbuf 0.17

gnome gdkpixbuf 0.20

gnome gtk 2.0.2

gnome gtk 2.0.6

gnome gtk 2.2.1

gnome gtk 2.2.3

gnome gtk 2.2.4

Vendor Advisories

Red Hat: gdk-pixbuf security update
Synopsis gdk-pixbuf security update Type/Severity Security Advisory: Important Topic Updated gdk-pixbuf packages that fix several security flaws are now available Description The gdk-pixbuf package contains an image loading library used with theGNOME GUI desktop environment[Updated 15th S ...
Red Hat: gtk2 security update
Synopsis gtk2 security update Type/Severity Security Advisory: Important Topic Updated gtk2 packages that fix several security flaws and bugs are nowavailable Description The gtk2 package contains the GIMP ToolKit (GTK+), a library for creatinggraphical user interfaces for the X Window Sys ...

References

CWE-787http://www.redhat.com/support/errata/RHSA-2004-447.htmlhttp://www.redhat.com/support/errata/RHSA-2004-466.htmlhttp://scary.beasts.org/security/CESA-2004-005.txthttps://bugzilla.fedora.us/show_bug.cgi?id=2005http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096http://www.kb.cert.org/vuls/id/369358http://secunia.com/advisories/17657http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1http://www.securityfocus.com/bid/11195http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875http://www.mandriva.com/security/advisories?name=MDKSA-2005:214http://marc.info/?l=bugtraq&m=109528994916275&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/17385https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786http://www.securityfocus.com/archive/1/419771/100/0/threadedhttps://access.redhat.com/errata/RHSA-2004:447https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/369358
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook