Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2485

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2485
Last Modified 03 Jul 2012 12:00:00
Published 03 Jul 2012 12:40:29
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2485

Summary

The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.

Vulnerable Systems

Application

  • Gnome Gdk-pixbuf 2.22.1

  • Gnome Gdk-pixbuf 2.23.3


References

CONFIRM - http://git.gnome.org/browse/gdk-pixbuf/commit/?id=f8569bb13e2aa1584dde61ca545144750f7a7c98

GENTOO - GLSA-201206-20

SECUNIA - 49715

SECUNIA - 45656

CONFIRM - http://ftp.gnome.org/pub/GNOME/sources/gdk-pixbuf/2.23/gdk-pixbuf-2.23.5.news

Related Patches

Novell SUSE 2012:6367 gdk-pixbuf security update for SLED 11 SP1 i586

Novell SUSE 2012:6367 gdk-pixbuf security update for SLED 11 SP1 x86_64

Novell SUSE 2012:6389 gtk2 security update for SLE 11 SP1 i586

Novell SUSE 2012:6389 gtk2 security update for SLE 11 SP1 x86_64

Novell SUSE 2012:6390 gtk2 security update for SLE 11 SP2 i586

Novell SUSE 2012:6390 gtk2 security update for SLE 11 SP2 x86_64

Novell SUSE 2012:8158 gdk-pixbuf security update for SLE 10 SP4 i586

Novell SUSE 2012:8158 gdk-pixbuf security update for SLE 10 SP4 x86_64

Novell SUSE 2012:8174 gtk2 security update for SLE 10 SP4 i586

Novell SUSE 2012:8174 gtk2 security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:57:33