Vulnerability Note VU#378049

Utah Raster Toolkit contains multiple vulnerabilities

Overview

The Utah Raster Toolkit is a graphics library/utility. Several vulnerabilities have been reported in the Utah Raster Toolkit.

I. Description

The Utah Raster Toolkit is a graphics library/utility. Several vulnerabilities have been reported in the Utah Raster Toolkit.

II. Impact

The complete impact of these vulnerability is not yet known. These vulnerabilities may be used to cause a denial of service situation or permit the execution of code.

III. Solution

Please see your vendor notification for a vendor specific patch.

Systems Affected

Vendor	Status	Date Notified
Apple Computer Inc.	Not Vulnerable	17-Mar-2003
Debian	Vulnerable	17-Mar-2003
Fujitsu	Not Vulnerable	17-Mar-2003
Hewlett-Packard Company	Not Vulnerable	17-Mar-2003
Ingrian Networks	Not Vulnerable	17-Mar-2003
Microsoft Corporation	Not Vulnerable	17-Mar-2003
Red Hat Inc.	Vulnerable	3-Apr-2003
Utah Raster Toolkit	Vulnerable	17-Mar-2003

References

Credit

Thanks to Alan Cox for reporting this vulnerability and creating the initial fixes and to Al Viro for discovering the original flaw. We also thank Martin Schulze and Sebastian Kramer provided additional fixes to the patches.

This document was written by Jason A Rafail.

Other Information

Date Public:	2003-02-28
Date First Published:	2003-03-17
Date Last Updated:	2003-04-03
CERT Advisory:
CVE-ID(s):
NVD-ID(s):
US-CERT Technical Alerts:
Metric:	5.03
Document Revision:	4

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader