Search

Find a vulnerability

Search criteria

    22 vulnerabilities found for gdkpixbuf by gnome

    CVE-2025-6199 (GCVE-0-2025-6199)

    Vulnerability from nvd – Published: 2025-06-17 14:30 – Updated: 2026-06-30 10:40
    VLAI
    Title
    Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder
    Summary
    A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 0 , < 2.43.2 (semver)
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2025-06-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6199",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T14:43:00.906047Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T14:43:23.322Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T20:06:51.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00023.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/",
              "defaultStatus": "unaffected",
              "packageName": "gdk-pixbuf",
              "versions": [
                {
                  "lessThan": "2.43.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "glycin-loaders",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "loupe",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "snapshot",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "librsvg2",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the GIF parser of GdkPixbuf\u2019s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Low"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T10:40:25.536Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-6199"
            },
            {
              "name": "RHBZ#2373147",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373147"
            },
            {
              "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/257"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-17T11:53:43.788Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-06-17T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-6199",
        "datePublished": "2025-06-17T14:30:42.665Z",
        "dateReserved": "2025-06-17T11:58:17.009Z",
        "dateUpdated": "2026-06-30T10:40:25.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-48622 (GCVE-0-2022-48622)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2024-08-26 19:25
    VLAI
    Summary
    In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    gnome gdkpixbuf Affected: 0 , ≤ 2.42.10 (custom)
        cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T15:17:55.258Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gdkpixbuf",
                "vendor": "gnome",
                "versions": [
                  {
                    "lessThanOrEqual": "2.42.10",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-48622",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-26T19:23:51.698580Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T19:25:00.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T08:07:20.716Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-48622",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2024-01-26T00:00:00.000Z",
        "dateUpdated": "2024-08-26T19:25:00.545Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44648 (GCVE-0-2021-44648)

    Vulnerability from nvd – Published: 2022-01-12 12:31 – Updated: 2024-08-04 04:25
    VLAI
    Summary
    GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:25:16.838Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"
              },
              {
                "name": "FEDORA-2022-725db8230b",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/"
              },
              {
                "name": "FEDORA-2022-a16e5d72fc",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/"
              },
              {
                "name": "DSA-5228",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5228"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-12T07:06:12.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"
            },
            {
              "name": "FEDORA-2022-725db8230b",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/"
            },
            {
              "name": "FEDORA-2022-a16e5d72fc",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/"
            },
            {
              "name": "DSA-5228",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5228"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-44648",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136",
                  "refsource": "MISC",
                  "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"
                },
                {
                  "name": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/",
                  "refsource": "MISC",
                  "url": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"
                },
                {
                  "name": "FEDORA-2022-725db8230b",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/"
                },
                {
                  "name": "FEDORA-2022-a16e5d72fc",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/"
                },
                {
                  "name": "DSA-5228",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2022/dsa-5228"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-44648",
        "datePublished": "2022-01-12T12:31:26.000Z",
        "dateReserved": "2021-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:25:16.838Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2976 (GCVE-0-2005-2976)

    Vulnerability from nvd – Published: 2005-11-18 11:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/17710 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/428052/100… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2005/dsa-911 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17562 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17615 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17522 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2433 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2005/dsa-913 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17538 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-216-1 vendor-advisoryx_refsource_UBUNTU
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://securitytracker.com/id?1015216 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/15428 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17770 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17594 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17592 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17791 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-810.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.943Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2005:065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
              },
              {
                "name": "GLSA-200511-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
              },
              {
                "name": "17710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17710"
              },
              {
                "name": "FLSA:173274",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
              },
              {
                "name": "DSA-911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-911"
              },
              {
                "name": "17562",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17562"
              },
              {
                "name": "17615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17615"
              },
              {
                "name": "17522",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17522"
              },
              {
                "name": "ADV-2005-2433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2433"
              },
              {
                "name": "DSA-913",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-913"
              },
              {
                "name": "17538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17538"
              },
              {
                "name": "USN-216-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-216-1"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "1015216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015216"
              },
              {
                "name": "15428",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15428"
              },
              {
                "name": "17770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17770"
              },
              {
                "name": "17594",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17594"
              },
              {
                "name": "17592",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17592"
              },
              {
                "name": "17791",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17791"
              },
              {
                "name": "oval:org.mitre.oval:def:11370",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "RHSA-2005:810",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "SUSE-SA:2005:065",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
            },
            {
              "name": "GLSA-200511-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
            },
            {
              "name": "17710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17710"
            },
            {
              "name": "FLSA:173274",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
            },
            {
              "name": "DSA-911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-911"
            },
            {
              "name": "17562",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17562"
            },
            {
              "name": "17615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17615"
            },
            {
              "name": "17522",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17522"
            },
            {
              "name": "ADV-2005-2433",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2433"
            },
            {
              "name": "DSA-913",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-913"
            },
            {
              "name": "17538",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17538"
            },
            {
              "name": "USN-216-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-216-1"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "1015216",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015216"
            },
            {
              "name": "15428",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15428"
            },
            {
              "name": "17770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17770"
            },
            {
              "name": "17594",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17594"
            },
            {
              "name": "17592",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17592"
            },
            {
              "name": "17791",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17791"
            },
            {
              "name": "oval:org.mitre.oval:def:11370",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "RHSA-2005:810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2005-2976",
        "datePublished": "2005-11-18T11:00:00.000Z",
        "dateReserved": "2005-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.943Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2975 (GCVE-0-2005-2975)

    Vulnerability from nvd – Published: 2005-11-18 11:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/17710 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/428052/100… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2005/dsa-911 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17562 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17615 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-811.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/17522 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2433 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2005/dsa-913 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17538 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-216-1 vendor-advisoryx_refsource_UBUNTU
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://securitytracker.com/id?1015216 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17591 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17770 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/15429 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17594 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17588 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17592 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17791 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-810.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.944Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2005:065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
              },
              {
                "name": "GLSA-200511-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
              },
              {
                "name": "17710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17710"
              },
              {
                "name": "FLSA:173274",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
              },
              {
                "name": "DSA-911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-911"
              },
              {
                "name": "17562",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17562"
              },
              {
                "name": "17615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17615"
              },
              {
                "name": "RHSA-2005:811",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
              },
              {
                "name": "17522",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17522"
              },
              {
                "name": "ADV-2005-2433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2433"
              },
              {
                "name": "DSA-913",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-913"
              },
              {
                "name": "17538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17538"
              },
              {
                "name": "USN-216-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-216-1"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "1015216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015216"
              },
              {
                "name": "17591",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17591"
              },
              {
                "name": "17770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17770"
              },
              {
                "name": "15429",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15429"
              },
              {
                "name": "17594",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17594"
              },
              {
                "name": "17588",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17588"
              },
              {
                "name": "17592",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17592"
              },
              {
                "name": "17791",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17791"
              },
              {
                "name": "oval:org.mitre.oval:def:9697",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "RHSA-2005:810",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "SUSE-SA:2005:065",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
            },
            {
              "name": "GLSA-200511-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
            },
            {
              "name": "17710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17710"
            },
            {
              "name": "FLSA:173274",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
            },
            {
              "name": "DSA-911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-911"
            },
            {
              "name": "17562",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17562"
            },
            {
              "name": "17615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17615"
            },
            {
              "name": "RHSA-2005:811",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
            },
            {
              "name": "17522",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17522"
            },
            {
              "name": "ADV-2005-2433",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2433"
            },
            {
              "name": "DSA-913",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-913"
            },
            {
              "name": "17538",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17538"
            },
            {
              "name": "USN-216-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-216-1"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "1015216",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015216"
            },
            {
              "name": "17591",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17591"
            },
            {
              "name": "17770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17770"
            },
            {
              "name": "15429",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15429"
            },
            {
              "name": "17594",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17594"
            },
            {
              "name": "17588",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17588"
            },
            {
              "name": "17592",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17592"
            },
            {
              "name": "17791",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17791"
            },
            {
              "name": "oval:org.mitre.oval:def:9697",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "RHSA-2005:810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2005-2975",
        "datePublished": "2005-11-18T11:00:00.000Z",
        "dateReserved": "2005-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.944Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3186 (GCVE-0-2005-3186)

    Vulnerability from nvd – Published: 2005-11-18 11:00 – Updated: 2024-08-07 23:01
    VLAI
    Summary
    Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/15435 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17710 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18509 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/428052/100… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2005/dsa-911 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17562 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17615 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-811.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/17522 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2433 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2005/dsa-913 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17538 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/188 third-party-advisoryx_refsource_SREASON
    http://www.ubuntu.com/usn/usn-216-1 vendor-advisoryx_refsource_UBUNTU
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://securitytracker.com/id?1015216 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17591 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17770 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17594 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17588 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/17592 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17791 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-810.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:01:58.496Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2005:065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
              },
              {
                "name": "20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=339\u0026type=vulnerabilities"
              },
              {
                "name": "GLSA-200511-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
              },
              {
                "name": "15435",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15435"
              },
              {
                "name": "17710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17710"
              },
              {
                "name": "18509",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18509"
              },
              {
                "name": "FLSA:173274",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
              },
              {
                "name": "DSA-911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-911"
              },
              {
                "name": "17562",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17562"
              },
              {
                "name": "17615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17615"
              },
              {
                "name": "RHSA-2005:811",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
              },
              {
                "name": "17522",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17522"
              },
              {
                "name": "ADV-2005-2433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2433"
              },
              {
                "name": "DSA-913",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-913"
              },
              {
                "name": "17538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17538"
              },
              {
                "name": "188",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/188"
              },
              {
                "name": "USN-216-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-216-1"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "SCOSA-2006.8",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt"
              },
              {
                "name": "1015216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015216"
              },
              {
                "name": "17591",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17591"
              },
              {
                "name": "17770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17770"
              },
              {
                "name": "17594",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17594"
              },
              {
                "name": "17588",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17588"
              },
              {
                "name": "oval:org.mitre.oval:def:9503",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503"
              },
              {
                "name": "17592",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17592"
              },
              {
                "name": "17791",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17791"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "RHSA-2005:810",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SUSE-SA:2005:065",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
            },
            {
              "name": "20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=339\u0026type=vulnerabilities"
            },
            {
              "name": "GLSA-200511-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
            },
            {
              "name": "15435",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15435"
            },
            {
              "name": "17710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17710"
            },
            {
              "name": "18509",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18509"
            },
            {
              "name": "FLSA:173274",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
            },
            {
              "name": "DSA-911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-911"
            },
            {
              "name": "17562",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17562"
            },
            {
              "name": "17615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17615"
            },
            {
              "name": "RHSA-2005:811",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
            },
            {
              "name": "17522",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17522"
            },
            {
              "name": "ADV-2005-2433",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2433"
            },
            {
              "name": "DSA-913",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-913"
            },
            {
              "name": "17538",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17538"
            },
            {
              "name": "188",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/188"
            },
            {
              "name": "USN-216-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-216-1"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "SCOSA-2006.8",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt"
            },
            {
              "name": "1015216",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015216"
            },
            {
              "name": "17591",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17591"
            },
            {
              "name": "17770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17770"
            },
            {
              "name": "17594",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17594"
            },
            {
              "name": "17588",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17588"
            },
            {
              "name": "oval:org.mitre.oval:def:9503",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503"
            },
            {
              "name": "17592",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17592"
            },
            {
              "name": "17791",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17791"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "RHSA-2005:810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3186",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SUSE-SA:2005:065",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
                },
                {
                  "name": "20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=339\u0026type=vulnerabilities"
                },
                {
                  "name": "GLSA-200511-14",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
                },
                {
                  "name": "15435",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15435"
                },
                {
                  "name": "17710",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17710"
                },
                {
                  "name": "18509",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18509"
                },
                {
                  "name": "FLSA:173274",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
                },
                {
                  "name": "DSA-911",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-911"
                },
                {
                  "name": "17562",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17562"
                },
                {
                  "name": "17615",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17615"
                },
                {
                  "name": "RHSA-2005:811",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
                },
                {
                  "name": "17522",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17522"
                },
                {
                  "name": "ADV-2005-2433",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2433"
                },
                {
                  "name": "DSA-913",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-913"
                },
                {
                  "name": "17538",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17538"
                },
                {
                  "name": "188",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/188"
                },
                {
                  "name": "USN-216-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/usn-216-1"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "SCOSA-2006.8",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt"
                },
                {
                  "name": "1015216",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015216"
                },
                {
                  "name": "17591",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17591"
                },
                {
                  "name": "17770",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17770"
                },
                {
                  "name": "17594",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17594"
                },
                {
                  "name": "17588",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17588"
                },
                {
                  "name": "oval:org.mitre.oval:def:9503",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503"
                },
                {
                  "name": "17592",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17592"
                },
                {
                  "name": "17791",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17791"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                },
                {
                  "name": "RHSA-2005:810",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3186",
        "datePublished": "2005-11-18T11:00:00.000Z",
        "dateReserved": "2005-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:01:58.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0782 (GCVE-0-2004-0782)

    Vulnerability from nvd – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2004/dsa-546 vendor-advisoryx_refsource_DEBIAN
    http://scary.beasts.org/security/CESA-2004-005.txt x_refsource_MISC
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=109528994916275&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/729894 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:47.416Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "101776",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
              },
              {
                "name": "oval:org.mitre.oval:def:11539",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539"
              },
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "DSA-546",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-546"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "oval:org.mitre.oval:def:1617",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "gtk-xpm-pixbufcreatefromxpm-bo(17386)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17386"
              },
              {
                "name": "VU#729894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/729894"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "101776",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
            },
            {
              "name": "oval:org.mitre.oval:def:11539",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539"
            },
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "DSA-546",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-546"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "oval:org.mitre.oval:def:1617",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "gtk-xpm-pixbufcreatefromxpm-bo(17386)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17386"
            },
            {
              "name": "VU#729894",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/729894"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0782",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "101776",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
                },
                {
                  "name": "oval:org.mitre.oval:def:11539",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539"
                },
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "DSA-546",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-546"
                },
                {
                  "name": "http://scary.beasts.org/security/CESA-2004-005.txt",
                  "refsource": "MISC",
                  "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "oval:org.mitre.oval:def:1617",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                },
                {
                  "name": "gtk-xpm-pixbufcreatefromxpm-bo(17386)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17386"
                },
                {
                  "name": "VU#729894",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/729894"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0782",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:47.416Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0783 (GCVE-0-2004-0783)

    Vulnerability from nvd – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://scary.beasts.org/security/CESA-2004-005.txt x_refsource_MISC
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=109528994916275&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/369358 third-party-advisoryx_refsource_CERT-VN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:46.830Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "101776",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
              },
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
              },
              {
                "name": "oval:org.mitre.oval:def:9348",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
              },
              {
                "name": "oval:org.mitre.oval:def:1786",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
              },
              {
                "name": "gtk-xpm-xpmextractcolor-bo(17385)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
              },
              {
                "name": "VU#369358",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/369358"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "MDKSA-2004:096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "101776",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
            },
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
            },
            {
              "name": "oval:org.mitre.oval:def:9348",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
            },
            {
              "name": "oval:org.mitre.oval:def:1786",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
            },
            {
              "name": "gtk-xpm-xpmextractcolor-bo(17385)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
            },
            {
              "name": "VU#369358",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/369358"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "MDKSA-2004:096",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0783",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "101776",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
                },
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "http://scary.beasts.org/security/CESA-2004-005.txt",
                  "refsource": "MISC",
                  "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
                },
                {
                  "name": "oval:org.mitre.oval:def:9348",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
                },
                {
                  "name": "oval:org.mitre.oval:def:1786",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
                },
                {
                  "name": "gtk-xpm-xpmextractcolor-bo(17385)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
                },
                {
                  "name": "VU#369358",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/369358"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "MDKSA-2004:096",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0783",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:46.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0753 (GCVE-0-2004-0753)

    Vulnerability from nvd – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2004/dsa-546 vendor-advisoryx_refsource_DEBIAN
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/825374 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:46.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "DSA-546",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-546"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "oval:org.mitre.oval:def:10585",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "gtk-bmp-dos(17383)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17383"
              },
              {
                "name": "VU#825374",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/825374"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "DSA-546",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-546"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "oval:org.mitre.oval:def:10585",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "gtk-bmp-dos(17383)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17383"
            },
            {
              "name": "VU#825374",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/825374"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0753",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "DSA-546",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-546"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "oval:org.mitre.oval:def:10585",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "gtk-bmp-dos(17383)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17383"
                },
                {
                  "name": "VU#825374",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/825374"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0753",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-07-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:46.605Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0788 (GCVE-0-2004-0788)

    Vulnerability from nvd – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2004/dsa-546 vendor-advisoryx_refsource_DEBIAN
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/577654 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:46.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "DSA-546",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-546"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "gtk-ico-integer-bo(17387)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17387"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "oval:org.mitre.oval:def:10506",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "VU#577654",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/577654"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "DSA-546",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-546"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "gtk-ico-integer-bo(17387)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17387"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "oval:org.mitre.oval:def:10506",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "VU#577654",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/577654"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0788",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "DSA-546",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-546"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "gtk-ico-integer-bo(17387)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17387"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "oval:org.mitre.oval:def:10506",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                },
                {
                  "name": "VU#577654",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/577654"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0788",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:46.976Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0111 (GCVE-0-2004-0111)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2004/dsa-464 vendor-advisoryx_refsource_DEBIAN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-103.html vendor-advisoryx_refsource_REDHAT
    http://www.mandrakesoft.com/security/advisories?n… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/9842 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2004-102.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2004-03-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.431Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "gdk-pixbuf-bitmap-dos(15426)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426"
              },
              {
                "name": "DSA-464",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-464"
              },
              {
                "name": "oval:org.mitre.oval:def:845",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845"
              },
              {
                "name": "RHSA-2004:103",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html"
              },
              {
                "name": "MDKSA-2004:020",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020"
              },
              {
                "name": "9842",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9842"
              },
              {
                "name": "RHSA-2004:102",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html"
              },
              {
                "name": "oval:org.mitre.oval:def:846",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-07-17T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "gdk-pixbuf-bitmap-dos(15426)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426"
            },
            {
              "name": "DSA-464",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-464"
            },
            {
              "name": "oval:org.mitre.oval:def:845",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845"
            },
            {
              "name": "RHSA-2004:103",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html"
            },
            {
              "name": "MDKSA-2004:020",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020"
            },
            {
              "name": "9842",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9842"
            },
            {
              "name": "RHSA-2004:102",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html"
            },
            {
              "name": "oval:org.mitre.oval:def:846",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0111",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "gdk-pixbuf-bitmap-dos(15426)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426"
                },
                {
                  "name": "DSA-464",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-464"
                },
                {
                  "name": "oval:org.mitre.oval:def:845",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845"
                },
                {
                  "name": "RHSA-2004:103",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html"
                },
                {
                  "name": "MDKSA-2004:020",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020"
                },
                {
                  "name": "9842",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9842"
                },
                {
                  "name": "RHSA-2004:102",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:846",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0111",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.431Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6199 (GCVE-0-2025-6199)

    Vulnerability from cvelistv5 – Published: 2025-06-17 14:30 – Updated: 2026-06-30 10:40
    VLAI
    Title
    Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder
    Summary
    A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Affected: 0 , < 2.43.2 (semver)
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Date Public
    2025-06-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6199",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T14:43:00.906047Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T14:43:23.322Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T20:06:51.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00023.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/",
              "defaultStatus": "unaffected",
              "packageName": "gdk-pixbuf",
              "versions": [
                {
                  "lessThan": "2.43.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "glycin-loaders",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "loupe",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "snapshot",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "gdk-pixbuf2",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "librsvg2",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in the GIF parser of GdkPixbuf\u2019s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Low"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T10:40:25.536Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-6199"
            },
            {
              "name": "RHBZ#2373147",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373147"
            },
            {
              "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/257"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-17T11:53:43.788Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-06-17T00:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-6199",
        "datePublished": "2025-06-17T14:30:42.665Z",
        "dateReserved": "2025-06-17T11:58:17.009Z",
        "dateUpdated": "2026-06-30T10:40:25.536Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-48622 (GCVE-0-2022-48622)

    Vulnerability from cvelistv5 – Published: 2024-01-26 00:00 – Updated: 2024-08-26 19:25
    VLAI
    Summary
    In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    gnome gdkpixbuf Affected: 0 , ≤ 2.42.10 (custom)
        cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T15:17:55.258Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:gnome:gdkpixbuf:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "gdkpixbuf",
                "vendor": "gnome",
                "versions": [
                  {
                    "lessThanOrEqual": "2.42.10",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-48622",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-26T19:23:51.698580Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-26T19:25:00.545Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T08:07:20.716Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/202"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-48622",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2024-01-26T00:00:00.000Z",
        "dateUpdated": "2024-08-26T19:25:00.545Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-44648 (GCVE-0-2021-44648)

    Vulnerability from cvelistv5 – Published: 2022-01-12 12:31 – Updated: 2024-08-04 04:25
    VLAI
    Summary
    GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:25:16.838Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"
              },
              {
                "name": "FEDORA-2022-725db8230b",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/"
              },
              {
                "name": "FEDORA-2022-a16e5d72fc",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/"
              },
              {
                "name": "DSA-5228",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5228"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-12T07:06:12.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"
            },
            {
              "name": "FEDORA-2022-725db8230b",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/"
            },
            {
              "name": "FEDORA-2022-a16e5d72fc",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/"
            },
            {
              "name": "DSA-5228",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5228"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-44648",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136",
                  "refsource": "MISC",
                  "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136"
                },
                {
                  "name": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/",
                  "refsource": "MISC",
                  "url": "https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/"
                },
                {
                  "name": "FEDORA-2022-725db8230b",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEKBMOO52RXONWKB6ZKKHTVPLF6WC3KF/"
                },
                {
                  "name": "FEDORA-2022-a16e5d72fc",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEVTOGIJITK2N5AOOLKKMDIICZDQE6CH/"
                },
                {
                  "name": "DSA-5228",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2022/dsa-5228"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-44648",
        "datePublished": "2022-01-12T12:31:26.000Z",
        "dateReserved": "2021-12-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T04:25:16.838Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2976 (GCVE-0-2005-2976)

    Vulnerability from cvelistv5 – Published: 2005-11-18 11:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/17710 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/428052/100… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2005/dsa-911 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17562 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17615 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17522 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2433 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2005/dsa-913 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17538 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-216-1 vendor-advisoryx_refsource_UBUNTU
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://securitytracker.com/id?1015216 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/15428 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17770 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17594 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17592 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17791 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-810.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.943Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2005:065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
              },
              {
                "name": "GLSA-200511-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
              },
              {
                "name": "17710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17710"
              },
              {
                "name": "FLSA:173274",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
              },
              {
                "name": "DSA-911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-911"
              },
              {
                "name": "17562",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17562"
              },
              {
                "name": "17615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17615"
              },
              {
                "name": "17522",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17522"
              },
              {
                "name": "ADV-2005-2433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2433"
              },
              {
                "name": "DSA-913",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-913"
              },
              {
                "name": "17538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17538"
              },
              {
                "name": "USN-216-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-216-1"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "1015216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015216"
              },
              {
                "name": "15428",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15428"
              },
              {
                "name": "17770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17770"
              },
              {
                "name": "17594",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17594"
              },
              {
                "name": "17592",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17592"
              },
              {
                "name": "17791",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17791"
              },
              {
                "name": "oval:org.mitre.oval:def:11370",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "RHSA-2005:810",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "SUSE-SA:2005:065",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
            },
            {
              "name": "GLSA-200511-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
            },
            {
              "name": "17710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17710"
            },
            {
              "name": "FLSA:173274",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
            },
            {
              "name": "DSA-911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-911"
            },
            {
              "name": "17562",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17562"
            },
            {
              "name": "17615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17615"
            },
            {
              "name": "17522",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17522"
            },
            {
              "name": "ADV-2005-2433",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2433"
            },
            {
              "name": "DSA-913",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-913"
            },
            {
              "name": "17538",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17538"
            },
            {
              "name": "USN-216-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-216-1"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "1015216",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015216"
            },
            {
              "name": "15428",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15428"
            },
            {
              "name": "17770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17770"
            },
            {
              "name": "17594",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17594"
            },
            {
              "name": "17592",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17592"
            },
            {
              "name": "17791",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17791"
            },
            {
              "name": "oval:org.mitre.oval:def:11370",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "RHSA-2005:810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2005-2976",
        "datePublished": "2005-11-18T11:00:00.000Z",
        "dateReserved": "2005-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.943Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2975 (GCVE-0-2005-2975)

    Vulnerability from cvelistv5 – Published: 2005-11-18 11:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/17710 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/428052/100… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2005/dsa-911 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17562 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17615 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-811.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/17522 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2433 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2005/dsa-913 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17538 third-party-advisoryx_refsource_SECUNIA
    http://www.ubuntu.com/usn/usn-216-1 vendor-advisoryx_refsource_UBUNTU
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://securitytracker.com/id?1015216 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17591 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17770 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/15429 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17594 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17588 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17592 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17791 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-810.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.944Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2005:065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
              },
              {
                "name": "GLSA-200511-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
              },
              {
                "name": "17710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17710"
              },
              {
                "name": "FLSA:173274",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
              },
              {
                "name": "DSA-911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-911"
              },
              {
                "name": "17562",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17562"
              },
              {
                "name": "17615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17615"
              },
              {
                "name": "RHSA-2005:811",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
              },
              {
                "name": "17522",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17522"
              },
              {
                "name": "ADV-2005-2433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2433"
              },
              {
                "name": "DSA-913",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-913"
              },
              {
                "name": "17538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17538"
              },
              {
                "name": "USN-216-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-216-1"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "1015216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015216"
              },
              {
                "name": "17591",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17591"
              },
              {
                "name": "17770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17770"
              },
              {
                "name": "15429",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15429"
              },
              {
                "name": "17594",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17594"
              },
              {
                "name": "17588",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17588"
              },
              {
                "name": "17592",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17592"
              },
              {
                "name": "17791",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17791"
              },
              {
                "name": "oval:org.mitre.oval:def:9697",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "RHSA-2005:810",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "SUSE-SA:2005:065",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
            },
            {
              "name": "GLSA-200511-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
            },
            {
              "name": "17710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17710"
            },
            {
              "name": "FLSA:173274",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
            },
            {
              "name": "DSA-911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-911"
            },
            {
              "name": "17562",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17562"
            },
            {
              "name": "17615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17615"
            },
            {
              "name": "RHSA-2005:811",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
            },
            {
              "name": "17522",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17522"
            },
            {
              "name": "ADV-2005-2433",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2433"
            },
            {
              "name": "DSA-913",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-913"
            },
            {
              "name": "17538",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17538"
            },
            {
              "name": "USN-216-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-216-1"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "1015216",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015216"
            },
            {
              "name": "17591",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17591"
            },
            {
              "name": "17770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17770"
            },
            {
              "name": "15429",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15429"
            },
            {
              "name": "17594",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17594"
            },
            {
              "name": "17588",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17588"
            },
            {
              "name": "17592",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17592"
            },
            {
              "name": "17791",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17791"
            },
            {
              "name": "oval:org.mitre.oval:def:9697",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "RHSA-2005:810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2005-2975",
        "datePublished": "2005-11-18T11:00:00.000Z",
        "dateReserved": "2005-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.944Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3186 (GCVE-0-2005-3186)

    Vulnerability from cvelistv5 – Published: 2005-11-18 11:00 – Updated: 2024-08-07 23:01
    VLAI
    Summary
    Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/15435 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17710 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18509 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/428052/100… vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2005/dsa-911 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17562 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17615 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-811.html vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/17522 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2433 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2005/dsa-913 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/17538 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/188 third-party-advisoryx_refsource_SREASON
    http://www.ubuntu.com/usn/usn-216-1 vendor-advisoryx_refsource_UBUNTU
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
    http://securitytracker.com/id?1015216 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17591 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17770 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17594 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17588 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/17592 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17791 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2005-810.html vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-11-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:01:58.496Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "SUSE-SA:2005:065",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
              },
              {
                "name": "20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=339\u0026type=vulnerabilities"
              },
              {
                "name": "GLSA-200511-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
              },
              {
                "name": "15435",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15435"
              },
              {
                "name": "17710",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17710"
              },
              {
                "name": "18509",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18509"
              },
              {
                "name": "FLSA:173274",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
              },
              {
                "name": "DSA-911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-911"
              },
              {
                "name": "17562",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17562"
              },
              {
                "name": "17615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17615"
              },
              {
                "name": "RHSA-2005:811",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
              },
              {
                "name": "17522",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17522"
              },
              {
                "name": "ADV-2005-2433",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2433"
              },
              {
                "name": "DSA-913",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-913"
              },
              {
                "name": "17538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17538"
              },
              {
                "name": "188",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/188"
              },
              {
                "name": "USN-216-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-216-1"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "SCOSA-2006.8",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt"
              },
              {
                "name": "1015216",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015216"
              },
              {
                "name": "17591",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17591"
              },
              {
                "name": "17770",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17770"
              },
              {
                "name": "17594",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17594"
              },
              {
                "name": "17588",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17588"
              },
              {
                "name": "oval:org.mitre.oval:def:9503",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503"
              },
              {
                "name": "17592",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17592"
              },
              {
                "name": "17791",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17791"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "RHSA-2005:810",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "SUSE-SA:2005:065",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
            },
            {
              "name": "20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=339\u0026type=vulnerabilities"
            },
            {
              "name": "GLSA-200511-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
            },
            {
              "name": "15435",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15435"
            },
            {
              "name": "17710",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17710"
            },
            {
              "name": "18509",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18509"
            },
            {
              "name": "FLSA:173274",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
            },
            {
              "name": "DSA-911",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-911"
            },
            {
              "name": "17562",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17562"
            },
            {
              "name": "17615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17615"
            },
            {
              "name": "RHSA-2005:811",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
            },
            {
              "name": "17522",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17522"
            },
            {
              "name": "ADV-2005-2433",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2433"
            },
            {
              "name": "DSA-913",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-913"
            },
            {
              "name": "17538",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17538"
            },
            {
              "name": "188",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/188"
            },
            {
              "name": "USN-216-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-216-1"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "SCOSA-2006.8",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt"
            },
            {
              "name": "1015216",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015216"
            },
            {
              "name": "17591",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17591"
            },
            {
              "name": "17770",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17770"
            },
            {
              "name": "17594",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17594"
            },
            {
              "name": "17588",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17588"
            },
            {
              "name": "oval:org.mitre.oval:def:9503",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503"
            },
            {
              "name": "17592",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17592"
            },
            {
              "name": "17791",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17791"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "RHSA-2005:810",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3186",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "SUSE-SA:2005:065",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html"
                },
                {
                  "name": "20051115 Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=339\u0026type=vulnerabilities"
                },
                {
                  "name": "GLSA-200511-14",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml"
                },
                {
                  "name": "15435",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15435"
                },
                {
                  "name": "17710",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17710"
                },
                {
                  "name": "18509",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18509"
                },
                {
                  "name": "FLSA:173274",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded"
                },
                {
                  "name": "DSA-911",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-911"
                },
                {
                  "name": "17562",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17562"
                },
                {
                  "name": "17615",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17615"
                },
                {
                  "name": "RHSA-2005:811",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-811.html"
                },
                {
                  "name": "17522",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17522"
                },
                {
                  "name": "ADV-2005-2433",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2433"
                },
                {
                  "name": "DSA-913",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-913"
                },
                {
                  "name": "17538",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17538"
                },
                {
                  "name": "188",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/188"
                },
                {
                  "name": "USN-216-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/usn-216-1"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "SCOSA-2006.8",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.8/SCOSA-2006.8.txt"
                },
                {
                  "name": "1015216",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015216"
                },
                {
                  "name": "17591",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17591"
                },
                {
                  "name": "17770",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17770"
                },
                {
                  "name": "17594",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17594"
                },
                {
                  "name": "17588",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17588"
                },
                {
                  "name": "oval:org.mitre.oval:def:9503",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9503"
                },
                {
                  "name": "17592",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17592"
                },
                {
                  "name": "17791",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17791"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                },
                {
                  "name": "RHSA-2005:810",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3186",
        "datePublished": "2005-11-18T11:00:00.000Z",
        "dateReserved": "2005-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:01:58.496Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0782 (GCVE-0-2004-0782)

    Vulnerability from cvelistv5 – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2004/dsa-546 vendor-advisoryx_refsource_DEBIAN
    http://scary.beasts.org/security/CESA-2004-005.txt x_refsource_MISC
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=109528994916275&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/729894 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:47.416Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "101776",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
              },
              {
                "name": "oval:org.mitre.oval:def:11539",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539"
              },
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "DSA-546",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-546"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "oval:org.mitre.oval:def:1617",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "gtk-xpm-pixbufcreatefromxpm-bo(17386)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17386"
              },
              {
                "name": "VU#729894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/729894"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "101776",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
            },
            {
              "name": "oval:org.mitre.oval:def:11539",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539"
            },
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "DSA-546",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-546"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "oval:org.mitre.oval:def:1617",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "gtk-xpm-pixbufcreatefromxpm-bo(17386)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17386"
            },
            {
              "name": "VU#729894",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/729894"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0782",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "101776",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
                },
                {
                  "name": "oval:org.mitre.oval:def:11539",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539"
                },
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "DSA-546",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-546"
                },
                {
                  "name": "http://scary.beasts.org/security/CESA-2004-005.txt",
                  "refsource": "MISC",
                  "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "oval:org.mitre.oval:def:1617",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                },
                {
                  "name": "gtk-xpm-pixbufcreatefromxpm-bo(17386)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17386"
                },
                {
                  "name": "VU#729894",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/729894"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0782",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:47.416Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0783 (GCVE-0-2004-0783)

    Vulnerability from cvelistv5 – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://scary.beasts.org/security/CESA-2004-005.txt x_refsource_MISC
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=109528994916275&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/369358 third-party-advisoryx_refsource_CERT-VN
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:46.830Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "101776",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
              },
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
              },
              {
                "name": "oval:org.mitre.oval:def:9348",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
              },
              {
                "name": "oval:org.mitre.oval:def:1786",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
              },
              {
                "name": "gtk-xpm-xpmextractcolor-bo(17385)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
              },
              {
                "name": "VU#369358",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/369358"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "MDKSA-2004:096",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "101776",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
            },
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
            },
            {
              "name": "oval:org.mitre.oval:def:9348",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
            },
            {
              "name": "oval:org.mitre.oval:def:1786",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
            },
            {
              "name": "gtk-xpm-xpmextractcolor-bo(17385)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
            },
            {
              "name": "VU#369358",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/369358"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "MDKSA-2004:096",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0783",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "101776",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1"
                },
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "http://scary.beasts.org/security/CESA-2004-005.txt",
                  "refsource": "MISC",
                  "url": "http://scary.beasts.org/security/CESA-2004-005.txt"
                },
                {
                  "name": "oval:org.mitre.oval:def:9348",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348"
                },
                {
                  "name": "oval:org.mitre.oval:def:1786",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "20040915 CESA-2004-005: gtk+ XPM decoder",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109528994916275\u0026w=2"
                },
                {
                  "name": "gtk-xpm-xpmextractcolor-bo(17385)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17385"
                },
                {
                  "name": "VU#369358",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/369358"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "MDKSA-2004:096",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0783",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:46.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0753 (GCVE-0-2004-0753)

    Vulnerability from cvelistv5 – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2004/dsa-546 vendor-advisoryx_refsource_DEBIAN
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/825374 third-party-advisoryx_refsource_CERT-VN
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:46.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "DSA-546",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-546"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "oval:org.mitre.oval:def:10585",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "gtk-bmp-dos(17383)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17383"
              },
              {
                "name": "VU#825374",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/825374"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "DSA-546",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-546"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "oval:org.mitre.oval:def:10585",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "gtk-bmp-dos(17383)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17383"
            },
            {
              "name": "VU#825374",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/825374"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0753",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "DSA-546",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-546"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "oval:org.mitre.oval:def:10585",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "gtk-bmp-dos(17383)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17383"
                },
                {
                  "name": "VU#825374",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/825374"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0753",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-07-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:46.605Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0788 (GCVE-0-2004-0788)

    Vulnerability from cvelistv5 – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:31
    VLAI
    Summary
    Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    http://www.debian.org/security/2004/dsa-546 vendor-advisoryx_refsource_DEBIAN
    http://www.redhat.com/support/errata/RHSA-2004-466.html vendor-advisoryx_refsource_REDHAT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/419771/100… vendor-advisoryx_refsource_FEDORA
    http://www.mandrakesecure.net/en/advisories/advis… vendor-advisoryx_refsource_MANDRAKE
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.securityfocus.com/bid/11195 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2004-447.html vendor-advisoryx_refsource_REDHAT
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://secunia.com/advisories/17657 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/577654 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:31:46.976Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "DSA-546",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-546"
              },
              {
                "name": "RHSA-2004:466",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
              },
              {
                "name": "gtk-ico-integer-bo(17387)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17387"
              },
              {
                "name": "MDKSA-2005:214",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
              },
              {
                "name": "FLSA-2005:155510",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
              },
              {
                "name": "MDKSA-2004:095",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
              },
              {
                "name": "oval:org.mitre.oval:def:10506",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506"
              },
              {
                "name": "11195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11195"
              },
              {
                "name": "RHSA-2004:447",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
              },
              {
                "name": "CLA-2004:875",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
              },
              {
                "name": "17657",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17657"
              },
              {
                "name": "VU#577654",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/577654"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "DSA-546",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-546"
            },
            {
              "name": "RHSA-2004:466",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
            },
            {
              "name": "gtk-ico-integer-bo(17387)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17387"
            },
            {
              "name": "MDKSA-2005:214",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
            },
            {
              "name": "FLSA-2005:155510",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
            },
            {
              "name": "MDKSA-2004:095",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
            },
            {
              "name": "oval:org.mitre.oval:def:10506",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506"
            },
            {
              "name": "11195",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11195"
            },
            {
              "name": "RHSA-2004:447",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
            },
            {
              "name": "CLA-2004:875",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
            },
            {
              "name": "17657",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17657"
            },
            {
              "name": "VU#577654",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/577654"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0788",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "DSA-546",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-546"
                },
                {
                  "name": "RHSA-2004:466",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-466.html"
                },
                {
                  "name": "gtk-ico-integer-bo(17387)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17387"
                },
                {
                  "name": "MDKSA-2005:214",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214"
                },
                {
                  "name": "FLSA-2005:155510",
                  "refsource": "FEDORA",
                  "url": "http://www.securityfocus.com/archive/1/419771/100/0/threaded"
                },
                {
                  "name": "MDKSA-2004:095",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095"
                },
                {
                  "name": "oval:org.mitre.oval:def:10506",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506"
                },
                {
                  "name": "11195",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11195"
                },
                {
                  "name": "RHSA-2004:447",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-447.html"
                },
                {
                  "name": "CLA-2004:875",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875"
                },
                {
                  "name": "17657",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17657"
                },
                {
                  "name": "VU#577654",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/577654"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0788",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-08-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:31:46.976Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0111 (GCVE-0-2004-0111)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://bugzilla.fedora.us/show_bug.cgi?id=2005 vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.debian.org/security/2004/dsa-464 vendor-advisoryx_refsource_DEBIAN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.redhat.com/support/errata/RHSA-2004-103.html vendor-advisoryx_refsource_REDHAT
    http://www.mandrakesoft.com/security/advisories?n… vendor-advisoryx_refsource_MANDRAKE
    http://www.securityfocus.com/bid/9842 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2004-102.html vendor-advisoryx_refsource_REDHAT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    Date Public
    2004-03-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.431Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FLSA:2005",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
              },
              {
                "name": "gdk-pixbuf-bitmap-dos(15426)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426"
              },
              {
                "name": "DSA-464",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-464"
              },
              {
                "name": "oval:org.mitre.oval:def:845",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845"
              },
              {
                "name": "RHSA-2004:103",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html"
              },
              {
                "name": "MDKSA-2004:020",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020"
              },
              {
                "name": "9842",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9842"
              },
              {
                "name": "RHSA-2004:102",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html"
              },
              {
                "name": "oval:org.mitre.oval:def:846",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-07-17T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FLSA:2005",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
            },
            {
              "name": "gdk-pixbuf-bitmap-dos(15426)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426"
            },
            {
              "name": "DSA-464",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-464"
            },
            {
              "name": "oval:org.mitre.oval:def:845",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845"
            },
            {
              "name": "RHSA-2004:103",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html"
            },
            {
              "name": "MDKSA-2004:020",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020"
            },
            {
              "name": "9842",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9842"
            },
            {
              "name": "RHSA-2004:102",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html"
            },
            {
              "name": "oval:org.mitre.oval:def:846",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0111",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FLSA:2005",
                  "refsource": "FEDORA",
                  "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005"
                },
                {
                  "name": "gdk-pixbuf-bitmap-dos(15426)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426"
                },
                {
                  "name": "DSA-464",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-464"
                },
                {
                  "name": "oval:org.mitre.oval:def:845",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845"
                },
                {
                  "name": "RHSA-2004:103",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html"
                },
                {
                  "name": "MDKSA-2004:020",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020"
                },
                {
                  "name": "9842",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9842"
                },
                {
                  "name": "RHSA-2004:102",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:846",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0111",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.431Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }