Synopsis :

The remote Debian host is missing a security-related update.

Description :

Thomas Kristensen discovered a vulnerability in gdk-pixbuf (binary
package libgdk-pixbuf2), the GdkPixBuf image library for Gtk, that can
cause the surrounding application to crash. To exploit this problem, a
remote attacker could send a carefully-crafted BMP file via mail,
which would cause e.g. Evolution to crash but is probably not limited
to Evolution.

See also :

http://www.debian.org/security/2004/dsa-464

Solution :

Upgrade the libgdk-pixbuf2 package.

For the stable distribution (woody) this problem has been fixed in
version 0.17.0-2woody1.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false