Info

Disclosure

Sep 16, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in the GdkPixbuf library. The xpm_extract_color function contains a boundary error when decoding images which may result in a stack-based overflow. With a specially crafted XPM image, an attacker can execute arbitrary code resulting in a loss of confidentiality, integrity, or availability.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Rumored / Private
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Linux vendors have released patches to address this vulnerability.

Products

GTK+ Team

GTK+

2.4.4

GNOME Project

GdkPixbuf

0.22

References

Security Tracker: 1011285
Secunia Advisory ID: 12542 12543 12545 12548 12550 12551 12564 12568 12615 17657
CVE ID: 2004-0783 (see also: NVD)
Related OSVDB ID: 9996 9997 9999
Generic Informational URL: http://cvs.gnome.org/viewcvs/gtk%2B/gdk-pixbuf/
Other Advisory URL: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:214
http://scary.beasts.org/security/CESA-2004-005.txt
http://security.gentoo.org/glsa/glsa-200409-28.xml
http://www.debian.org/security/2004/dsa-546
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:095
Vendor Specific Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1
Keyword: io-xpm.c
RedHat RHSA: RHSA-2004:447 RHSA-2004:466

Credit

Chris Evans - chrisscary.beasts.org -

Direct URL: http://osvdb.org/36218