Integer Overflow in ICO Image Decoder for gdk-pixbuf and gtk2
CVE-2004-0788

Currently unrated

Key Information:

Vendor: Gnome
Status: Gdkpixbuf; Gtk
Vendor: CVE Published:; 20 October 2004

Summary

An integer overflow vulnerability exists in the ICO image decoder within gdk-pixbuf prior to version 0.22 and gtk2 prior to version 2.2.4. This weakness allows remote attackers to craft malicious ICO files that can trigger a denial of service condition, causing targeted applications to crash unexpectedly. Proper validation of image files is essential to prevent exploitative attacks, highlighting the importance of software updates and security patches.

References

https://bugzilla.fedora.us/show_bug.cgi?id=2005

vendor-advisoryx_refsource_FEDORA

http://www.debian.org/security/2004/dsa-546

vendor-advisoryx_refsource_DEBIAN

http://www.redhat.com/support/errata/RHSA-2004-466.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 20, 2004
Vulnerability Reserved
Aug 17, 2004