|
GdkPixbuf BMP Loader Double Free Denial of Service Vulnerability
|
|
Secunia Advisory:
|
SA14776
|
|
|
Release Date:
|
2005-03-31
|
|
Popularity:
|
8,008 views
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | GdkPixbuf 0.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2005-0891
|
|
Description:
David Costanzo has reported a vulnerability in GdkPixbuf, which can be exploited by malicious people to crash certain applications on a user's system.
The vulnerability is caused due to a double free error in the BMP loader. This can be exploited to crash an application linked against GdkPixbuf when a specially crafted BMP image is processed.
Solution:
Secunia is not currently aware of an official patch or updated version addressing this issue.
Don't process untrusted BMP images in applications linked against GdkPixbuf.
Provided and/or discovered by:
David Costanzo
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
