Family: Debian Local Security Checks --> Category: infos
[DSA911] DSA-911-1 gtk+2.0 Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Several vulnerabilities have been found in gtk+2.0, the Gtk+ GdkPixBuf
XPM image rendering library. The Common Vulnerabilities and Exposures
project identifies the following problems:
Ludwig Nussel discovered an infinite loop when processing XPM
images that allows an attacker to cause a denial of service via a
specially crafted XPM file.
Ludwig Nussel discovered an integer overflow in the way XPM images
are processed that could lead to the execution of arbitrary code
or crash the application via a specially crafted XPM file.
"infamous41md" discovered an integer overflow in the XPM processing
routine that can be used to execute arbitrary code via a traditional heap
The following matrix explains which versions fix these problems:
We recommend that you upgrade your gtk+2.0 packages.
Solution : http://www.debian.org/security/2005/dsa-911
Threat Level: High