Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3186

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3186
Last Modified 07 Mar 2011 09:25:59
Published 18 Nov 2005 01:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3186

Summary

Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.

Vulnerable Systems

Application

  • Gnome Gdkpixbuf

  • Gtk%2b 2.4.0


References

REDHAT - RHSA-2005:810

IDEFENSE - 20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability

VUPEN - ADV-2005-2433

UBUNTU - USN-216-1

BID - 15435

FEDORA - FLSA:173274

REDHAT - RHSA-2005:811

SUSE - SUSE-SA:2005:065

MANDRIVA - MDKSA-2005:214

GENTOO - GLSA-200511-14

DEBIAN - DSA-913

DEBIAN - DSA-911

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf

SECTRACK - 1015216

SREASON - 188

SECUNIA - 18509

SECUNIA - 17791

SECUNIA - 17770

SECUNIA - 17710

SECUNIA - 17657

SECUNIA - 17615

SECUNIA - 17594

SECUNIA - 17592

SECUNIA - 17591

SECUNIA - 17588

SECUNIA - 17562

SECUNIA - 17538

SECUNIA - 17522

SCO - SCOSA-2006.8


Last Updated: 27 May 2016 10:40:50