CVE Reference: CVE-2004-0782

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2004-0782

Description:
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/17386

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1

SAID
  Secunia Advisory: SA17657

REDHAT
  http://www.redhat.com/support/errata/RHSA-2004-466.html
  http://www.redhat.com/support/errata/RHSA-2004-447.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1617
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11539

MISC
  http://scary.beasts.org/security/CESA-2004-005.txt

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2005:214

MANDRAKE
  http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095

FEDORA
  http://www.securityfocus.com/archive/1/archive/1/419771/100/0/threaded

DEBIAN
  http://www.debian.org/security/2004/dsa-546

CONECTIVA
  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875

CERT-VN
  729894

BUGTRAQ
  http://marc.theaimsgroup.com/?l=bugtraq&m=109528994916275&w=2

BID
  11195


Return to the previous page.