Family: Debian Local Security Checks --> Category: infos
[DSA549] DSA-549-1 gtk+ Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Chris Evans discovered several problems in gdk-pixbuf, the GdkPixBuf
library used in Gtk. It is possible for an attacker to execute
arbitrary code on the victim's machine. Gdk-pixbuf for Gtk+1.2 is an
external package. For Gtk+2.0 it's part of the main gtk package.
The Common Vulnerabilities and Exposures Project identifies the
Heap-based overflow in pixbuf_create_from_xpm.
Stack-based overflow in xpm_extract_color.
Integer overflow in the ico loader.
For the stable distribution (woody) these problems have been fixed in
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you upgrade your Gtk packages.
Solution : http://www.debian.org/security/2004/dsa-549
Threat Level: High