Buffer Overflow in GTK+ Image Rendering Library Affects Multiple Linux Distributions
CVE-2005-3186

Currently unrated

Key Information:

Vendor: Gnome
Status: Gdkpixbuf; Gtk\+
Vendor: CVE Published:; 18 November 2005

What is CVE-2005-3186?

The GTK+ gdk-pixbuf library, specifically in version 2.4.0 and earlier, is susceptible to a buffer overflow due to an integer overflow issue in its XPM image rendering functionality. Attackers can exploit this vulnerability by crafting a malicious XPM file that forces improper memory allocation. As a result, this can lead to arbitrary code execution, potentially enabling unauthorized access or control of affected systems.

References

http://www.novell.com/linux/security/advisories/2005_65_g...

vendor-advisoryx_refsource_SUSE

http://www.idefense.com/application/poi/display?id=339&ty...

third-party-advisoryx_refsource_IDEFENSE

http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml

vendor-advisoryx_refsource_GENTOO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2005
Vulnerability Reserved
Oct 12, 2005

Gnome

What is CVE-2005-3186?

References

Timeline