
CVE-2005-2976

Published: 18/11/2005 Updated: 03/08/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ prior to 2.8.7 allows malicious users to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.

Vulnerable Product

gnome gdkpixbuf 0.22

gnome gtk

Vendor Advisories

Synopsis: gdk-pixbuf security update. Type/Severity: Security Advisory: Important. Topic: Updated gdk-pixbuf packages that fix several security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Description: The gdk-pixbuf ...
Debian Bug report logs - #339431. CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code. Package: gtk+2.0; Maintainer for gtk+2.0 is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <jmm@inutil.org>; Date: Wed, 16 Nov 2005 09:18:09 UTC; Severity: grave; Tags: fix ...
Two integer overflows have been discovered in the XPM image loader of the GDK pixbuf library. By tricking a user into opening a specially crafted XPM image with any Gnome desktop application that uses this library, this could be exploited to execute arbitrary code with the privileges of the user running the application (CVE-2005-2976, CVE-2005-31 ...
Several vulnerabilities have been found in gtk+2.0, the Gtk+ GdkPixBuf XPM image rendering library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2975: Ludwig Nussel discovered an infinite loop when processing XPM images that allows an attacker to cause a denial of service via a specially c ...