7.5

CVE-2004-0782

Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnomeGdkpixbuf Version0.17
GnomeGdkpixbuf Version0.18
GnomeGdkpixbuf Version0.20
GnomeGdkpixbuf Version0.22
GnomeGtk Version2.0.2
GnomeGtk Version2.0.6
GnomeGtk Version2.2.1
GnomeGtk Version2.2.3
GnomeGtk Version2.2.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.18% 0.947
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://bugzilla.fedora.us/show_bug.cgi?id=2005
Issue Tracking
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875
Third Party Advisory
http://secunia.com/advisories/17657
Broken Link
http://www.debian.org/security/2004/dsa-546
Third Party Advisory
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:214
Broken Link
http://www.redhat.com/support/errata/RHSA-2004-447.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2004-466.html
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/419771/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/11195
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=109528994916275&w=2
Third Party Advisory
http://scary.beasts.org/security/CESA-2004-005.txt
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1
Third Party Advisory
http://www.kb.cert.org/vuls/id/729894
Third Party Advisory
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/17386
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617
Broken Link