This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated gdk-pixbuf packages that fix several security flaws are now
The gdk-pixbuf package contains an image loading library used with the
GNOME GUI desktop environment.
[Updated 15th September 2004] Packages have been updated to correct a
bug which caused the xpm loader to fail.
During testing of a previously fixed flaw in Qt (CVE-2004-0691), a
flaw was discovered in the BMP image processor of gdk-pixbuf. An
attacker could create a carefully crafted BMP file which would cause
an application to enter an infinite loop and not respond to user input
when the file was opened by a victim. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-0753
to this issue.
During a security audit, Chris Evans discovered a stack and a heap
overflow in the XPM image decoder. An attacker could create a
carefully crafted XPM file which could cause an application linked
with gtk2 to crash or possibly execute arbitrary code when the file
was opened by a victim. (CVE-2004-0782, CVE-2004-0783)
Chris Evans also discovered an integer overflow in the ICO image
decoder. An attacker could create a carefully crafted ICO file which
could cause an application linked with gtk2 to crash when the file is
opened by a victim. (CVE-2004-0788)
These packages have also been updated to correct a bug which caused
the xpm loader to fail.
Users of gdk-pixbuf are advised to upgrade to these packages, which
contain backported patches and are not vulnerable to these issues.
See also :
Update the affected gdk-pixbuf, gdk-pixbuf-devel and / or
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 14738 ()
CVE ID: CVE-2004-0753CVE-2004-0782CVE-2004-0783CVE-2004-0788
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.