[Bug 19702] CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code
bugzilla-daemon at bugzilla.ubuntu.com
bugzilla-daemon at bugzilla.ubuntu.com
Wed Nov 16 10:47:01 UTC 2005
Please do not reply to this email. You can add comments at
http://bugzilla.ubuntu.com/show_bug.cgi?id=19702
Ubuntu | gtk+2.0
------- Additional Comments From debzilla at ubuntu.com 2005-11-16 10:47 UTC -------
Message-Id: <E1EcJPw-0001PW-KK at localhost.localdomain>
Date: Wed, 16 Nov 2005 10:17:24 +0100
From: Moritz Muehlenhoff <jmm at inutil.org>
To: Debian Bug Tracking System <submit at bugs.debian.org>
Subject: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code
Package: gtk+2.0
Severity: grave
Tags: security
Justification: user security hole
An integer overflow in gdk-pixbuf's XPM rendering code can be exploited
to overwrite the heap and exploit arbitrary code through crafted images.
Please see www.idefense.com/application/poi/display?id=339&type=vulnerabilities
for more details.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-686
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)
--
Configure bugmail: http://bugzilla.ubuntu.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the desktop-bugs
mailing list