Integer Overflow in ICO Image Decoder for gdk-pixbuf and gtk2
CVE-2004-0788

Currently unrated

Key Information:

Vendor

Gnome
Status
Gdkpixbuf
Gtk
Vendor
CVE Published:
20 October 2004

What is CVE-2004-0788?

An integer overflow vulnerability exists in the ICO image decoder within gdk-pixbuf prior to version 0.22 and gtk2 prior to version 2.2.4. This weakness allows remote attackers to craft malicious ICO files that can trigger a denial of service condition, causing targeted applications to crash unexpectedly. Proper validation of image files is essential to prevent exploitative attacks, highlighting the importance of software updates and security patches.

References

https://bugzilla.fedora.us/show_bug.cgi?id=2005
vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2004/dsa-546
vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2004-466.html
vendor-advisoryx_refsource_REDHAT

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.