[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-2976Date: (C)2005-11-18   (M)2023-12-22


Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015216
BID-15428
SECUNIA-17522
SECUNIA-17538
SECUNIA-17562
SECUNIA-17592
SECUNIA-17594
SECUNIA-17615
SECUNIA-17657
SECUNIA-17710
SECUNIA-17770
SECUNIA-17791
ADV-2005-2433
DSA-911
DSA-913
FLSA:173274
GLSA-200511-14
MDKSA-2005:214
RHSA-2005:810
SUSE-SA:2005:065
USN-216-1
http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf
oval:org.mitre.oval:def:11370

CWE    1
CWE-190

© SecPod Technologies