Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.novell.com/linux/security/advisories/2005_65_gtk2.html | vendor-advisory x_refsource_SUSE x_transferred |
| http://www.idefense.com/application/poi/display?id=339&type=vulnerabilities | third-party-advisory x_refsource_IDEFENSE x_transferred |
| http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml | vendor-advisory x_refsource_GENTOO x_transferred |
| http://www.securityfocus.com/bid/15435 | vdb-entry x_refsource_BID x_transferred |
| http://secunia.com/advisories/17710 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/18509 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://www.securityfocus.com/archive/1/428052/100/0/threaded | vendor-advisory x_refsource_FEDORA x_transferred |
| http://www.debian.org/security/2005/dsa-911 | vendor-advisory x_refsource_DEBIAN x_transferred |
| http://secunia.com/advisories/17562 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/17615 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://www.redhat.com/support/errata/RHSA-2005-811.html | vendor-advisory x_refsource_REDHAT x_transferred |
| http://secunia.com/advisories/17522 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://www.vupen.com/english/advisories/2005/2433 | vdb-entry x_refsource_VUPEN x_transferred |
| http://www.debian.org/security/2005/dsa-913 | vendor-advisory x_refsource_DEBIAN x_transferred |
| http://secunia.com/advisories/17538 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://securityreason.com/securityalert/188 | third-party-advisory x_refsource_SREASON x_transferred |
| http://www.ubuntu.com/usn/usn-216-1 | vendor-advisory x_refsource_UBUNTU x_transferred |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 | vendor-advisory x_refsource_MANDRIVA x_transferred |
| ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt | vendor-advisory x_refsource_SCO x_transferred |
| http://securitytracker.com/id?1015216 | vdb-entry x_refsource_SECTRACK x_transferred |
| http://secunia.com/advisories/17591 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/17770 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/17594 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/17588 | third-party-advisory x_refsource_SECUNIA x_transferred |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503 | vdb-entry signature x_refsource_OVAL x_transferred |
| http://secunia.com/advisories/17592 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/17791 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://secunia.com/advisories/17657 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://www.redhat.com/support/errata/RHSA-2005-810.html | vendor-advisory x_refsource_REDHAT x_transferred |
| http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf | x_refsource_CONFIRM x_transferred |