RHEL 3 / 4 : gtk2 (RHSA-2005:344)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated gtk2 packages that fix a double free vulnerability are now

This update has been rated as having important security impact by the
Red Hat Security Response Team.

The gtk2 package contains the GIMP ToolKit (GTK+), a library for
creating graphical user interfaces for the X Window System.

A bug was found in the way gtk2 processes BMP images. It is possible
that a specially crafted BMP image could cause a denial of service
attack on applications linked against gtk2. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-0891 to this issue.

Users of gtk2 are advised to upgrade to these packages, which contain
a backported patch and are not vulnerable to this issue.

Solution :

Update the affected gtk2 and / or gtk2-devel packages.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Red Hat Local Security Checks

Nessus Plugin ID: 17679

CVE ID: CVE-2005-0891