SecurityTracker.com
Category:  Application (Generic)  >  gdk-pixbuf Vendors:  GNU [multiple authors]
(Sun Issues Final Fix for Solaris) gdk-pixbuf BMP, ICO, and XPM Image Processing Errors May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1014288
SecurityTracker URL:  http://securitytracker.com/id?1014288
CVE Reference:  CVE-2004-0753   (Links to External Site)
Updated:  Mar 21 2006
Original Entry Date:  Jun 24 2005
Impact:  Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Advisory:  Sun Alert
Description:  Several vulnerabilities were reported in gdk-pixbuf. A remote user can create a specially crafted image file that, when processed by an application using gdk-pixbuf, will cause the application to crash or potentially execute arbitrary code.

Mandrake and Red Hat reported that a remote user can create a specially crafted BMP image file that will cause the gdk-pixbuf BMP loader to enter an infinite loop [CVE-2004-0753].

It is also reported that Chris Evans discovered several overflows. A heap-based overflow and a stack-based overflow reside in the XPM loader [CVE-2004-0782, CVE-2004-0783]. An integer overflow resides in the ICO loader [CVE-2004-0788]. A remote user may be able to trigger the overflows with a crafted image file to cause an application that uses gdk-pixbuf to crash or possibly execute arbitrary code.
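
The overflow class these loader bugs belong to, shown as an added illustration that is not gdk-pixbuf's code and does not reproduce the actual gdk-pixbuf defects: a hypothetical 8-byte image header (little-endian width and height) is parsed, and the pixel-buffer size is computed first the way a vulnerable loader does it (a 32-bit product that wraps) and then with an overflow-checked computation that rejects the crafted dimensions before any allocation. The header layout, the two constructed sample headers, the MAX_PIXELS cap and all function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define BYTES_PER_PIXEL 4u            /* RGBA output buffer */

/* Hypothetical 8-byte header: little-endian u32 width, u32 height.
 * Real BMP/ICO/XPM headers differ; the overflow pattern is the point. */
#define HDR_LEN 8

/* Constructed sample inputs for the example (not taken from any real file). */
static const uint8_t BENIGN_HDR[HDR_LEN]  = { 0x10,0,0,0, 0x10,0,0,0 };  /* 16 x 16       */
static const uint8_t CRAFTED_HDR[HDR_LEN] = { 0,0,1,0,   0,0,1,0 };      /* 65536 x 65536 */

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern: the product is computed in 32-bit arithmetic and
 * wraps, so a huge image yields a tiny (here zero-byte) allocation while
 * a decode loop driven by width*height still writes every pixel. */
uint32_t naive_pixel_bytes(uint32_t w, uint32_t h)
{
    return w * h * BYTES_PER_PIXEL;          /* 65536*65536*4 mod 2^32 == 0 */
}

/* Hardened: reject before multiplying. The division test is correct with a
 * 32-bit or 64-bit size_t; MAX_PIXELS is a policy cap (an assumption here). */
#define MAX_PIXELS ((size_t)1 << 26)        /* 64 Mpixel = 256 MiB of RGBA */

int checked_pixel_bytes(uint32_t w, uint32_t h, size_t *out)
{
    if (w == 0 || h == 0) return 0;
    if ((size_t)w > MAX_PIXELS / (size_t)h) return 0;   /* w*h exceeds cap or would overflow */
    size_t pixels = (size_t)w * (size_t)h;
    if (pixels > SIZE_MAX / BYTES_PER_PIXEL) return 0;
    *out = pixels * BYTES_PER_PIXEL;
    return 1;
}

/* Parse a header and decide the allocation the hardened loader would make.
 * Returns 1 = accept (size in *out), 0 = reject, -1 = truncated input. */
int decode_header(const uint8_t *buf, size_t len, size_t *out)
{
    if (len < HDR_LEN) return -1;
    return checked_pixel_bytes(rd_le32(buf), rd_le32(buf + 4), out);
}

int main(void)
{
    size_t n = 0;
    uint32_t w = rd_le32(CRAFTED_HDR), h = rd_le32(CRAFTED_HDR + 4);
    int crafted = decode_header(CRAFTED_HDR, HDR_LEN, &n);
    printf("crafted %ux%u: naive size %u bytes, hardened verdict %d\n",
           (unsigned)w, (unsigned)h, (unsigned)naive_pixel_bytes(w, h), crafted);
    int benign = decode_header(BENIGN_HDR, HDR_LEN, &n);
    printf("benign 16x16: hardened verdict %d, size %zu bytes\n", benign, n);
    return 0;
}
```

Build with `cc -std=c99 -Wall` and run. The crafted header makes the naive computation return 0, so a loader that allocated that many bytes and then decoded 65536 x 65536 pixels would write far past the buffer; the checked version refuses the header without allocating. Note that checking the product after multiplying (`if (w * h * 4 > limit)`) is too late, since the wrap has already happened; the bound must be tested by division before the multiply. A loader also needs the other half of the discipline the BMP infinite-loop bug [CVE-2004-0753] calls for: every decode loop must be bounded by the bytes actually remaining in the input, not only by values taken from the header.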

Impact:  A remote user may be able to cause an application using gdk-pixbuf to crash or potentially execute arbitrary code with the privileges of the application.
Solution:  Sun has issued the following fixes.

SPARC Platform

* GNOME 2.0 (for Solaris 8) with patch 114644-03 or later
* GNOME 2.0 (for Solaris 9) with patch 114686-03 or later
* GNOME 2.0.2 (for Solaris 9) with patch 115738-04 or later

x86 Platform

* GNOME 2.0 (for Solaris 8) with patch 114645-03 or later
* GNOME 2.0 (for Solaris 9) with patch 114687-03 or later
* GNOME 2.0.2 (for Solaris 9) with patch 115739-04 or later
* Solaris 9 with patch 121092-01 or later

Linux

* Sun Java Desktop System (JDS) 2003 with the updated RPMs (patch-118903-01)
* Sun Java Desktop System (JDS) Release 2 with the updated RPMs (patch-118905-01)

The Sun advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1

Vendor URL:  ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/ (Links to External Site)
Cause:  Boundary error, State error
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  8, 9

Message History:   This archive entry is a follow-up to the message listed below.
Sep 15 2004 gdk-pixbuf BMP, ICO, and XPM Image Processing Errors May Let Remote Users Execute Arbitrary Code



 Source Message Contents

Date:  Fri, 24 Jun 2005 02:18:51 -0400
Subject:  http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1

# Sun Alert ID: 101776
# Synopsis: Security Vulnerabilities in The "libgdk_pixbuf" Library May Allow a Remote Unprivileged User the ability to Execute Arbitrary Code
# Category: Security
# Product: GNOME 2.0 Desktop, Sun Java Desktop System 2003
# BugIDs: 5103573
# Avoidance: Patch, Workaround
# State: Workaround
# Date Released: 23-Jun-2005
# Date Closed:
# Date Modified:
 
 
CVE: CAN-2004-0782
CVE: CAN-2004-0783
Copyright 2006, SecurityGlobal.net LLC