Mandrake Linux Security Advisory : WindowMaker (MDKSA-2002:085)
High Nessus Plugin ID 13983
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionAl Viro discovered a vulnerability in the WindowMaker window manager.
A function used to load images, for example when configuring a new background image or previewing themes, contains a buffer overflow. The function calculates the amount of memory necessary to load the image by doing some multiplication but does not check the results of this multiplication, which may not fit into the destination variable, resulting in a buffer overflow when the image is loaded.
SolutionUpdate the affected packages.