Stack-Based Buffer Overflow in the XPM Decoder of GNOME GTK+
CVE-2004-0783
Currently unrated
Summary
A stack-based buffer overflow exists in the XPM image decoder of GTK+ and gdk-pixbuf. It can be exploited by sending a crafted color string to the xpm_extract_color function, which could allow remote attackers to execute arbitrary code in the context of the affected application. Proper validation of color strings is essential to mitigate this vulnerability.
References
EPSS Score
30% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability reserved