FreeBSD : gdk-pixbuf -- image decoding vulnerabilities (3d1e9267-073f-11d9-b45d-000c41e2cdad)
High Nessus Plugin ID 18908
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionChris Evans discovered several flaws in the gdk-pixbuf XPM image decoder :
- Heap-based overflow in pixbuf_create_from_xpm
- Stack-based overflow in xpm_extract_color
- Integer overflows in io-ico.c
Some of these flaws are believed to be exploitable.
SolutionUpdate the affected packages.