A vulnerability exists in the BMP handling of GdkPixbuf. This vulnerability can lead to a denial-of-service condition.
GdkPixbuf is a library used by GTK+ 2 for loading and rendering images. GTK+ is a multi-platform toolkit for creating graphical user interfaces. It is used by the Gnome desktop and other applications. GdkPixbuf contains a heap overflow vulnerability in the DoCompressed() function of the BMP loading routine.
By convincing the user to open a specially crafted BMP file, an attacker could cause a denial of service by crashing the application that uses GdkPixbuf.
Apply a patch from your vendor
For vendor-specific information regarding vulnerable status and patch availability, please see the vendor section of this document.
This vulnerability was reported by the Red Hat Security Response Team.
This document was written by Will Dormann.
|Date First Published:||2004-10-01|
|Date Last Updated:||2004-11-02 16:27 UTC|