Detections
Analytics
RHEL 2.1 / 3 / 4 : gdk-pixbuf (RHSA-2005:343)
medium Nessus Plugin ID 17980
Synopsis
The remote Red Hat host is missing one or more security updates.Description
Updated gdk-pixbuf packages that fix a double free vulnerability are now available.This update has been rated as having important security impact by the Red Hat Security Response Team.
The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment.
A bug was found in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack on applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0891 to this issue.
Users of gdk-pixbuf are advised to upgrade to these packages, which contain a backported patch and is not vulnerable to this issue.
Solution
Update the affected gdk-pixbuf, gdk-pixbuf-devel and / or gdk-pixbuf-gnome packages.See Also
Plugin Details
Severity: Medium
ID: 17980
File Name: redhat-RHSA-2005-343.nasl
Version: 1.27
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 4/6/2005
Updated: 1/14/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf, p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf-devel, p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf-gnome, cpe:/o:redhat:enterprise_linux:2.1, cpe:/o:redhat:enterprise_linux:3, cpe:/o:redhat:enterprise_linux:4
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Patch Publication Date: 4/5/2005
Vulnerability Publication Date: 5/2/2005
Reference Information
CVE: CVE-2005-0891