Vulnerability-Lookup

CVE-2012-2370 (GCVE-0-2012-2370)

Vulnerability from cvelistv5 – Published: 2012-08-13 20:00 – Updated: 2024-08-06 19:34

Summary

Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

GSD-2012-2370

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-2370

Aliases

CVE-2012-2370

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-2370",
    "description": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.",
    "id": "GSD-2012-2370",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-2370.html",
      "https://access.redhat.com/errata/RHSA-2013:0135",
      "https://linux.oracle.com/cve/CVE-2012-2370.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-2370"
      ],
      "details": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.",
      "id": "GSD-2012-2370",
      "modified": "2023-12-13T01:20:15.796444Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2012-2370",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://git.gnome.org/browse/gdk-pixbuf/",
            "refsource": "MISC",
            "url": "http://git.gnome.org/browse/gdk-pixbuf/"
          },
          {
            "name": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22",
            "refsource": "MISC",
            "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22"
          },
          {
            "name": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516",
            "refsource": "MISC",
            "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-0135.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0135.html"
          },
          {
            "name": "http://secunia.com/advisories/49125",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/49125"
          },
          {
            "name": "http://secunia.com/advisories/49715",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/49715"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2012/05/15/8",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2012/05/15/8"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2012/05/15/9",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2012/05/15/9"
          },
          {
            "name": "http://www.securityfocus.com/bid/53548",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/53548"
          },
          {
            "name": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150",
            "refsource": "MISC",
            "url": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75578",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75578"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.25.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.25.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.23.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.24.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.23.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.23.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:2.24.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnome:gdk-pixbuf:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.26.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-2370"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22"
            },
            {
              "name": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150"
            },
            {
              "name": "49715",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/49715"
            },
            {
              "name": "[oss-security] 20120515 Re: CVE Request: gdk-pixbuf Integer overflow in XBM file loader",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/05/15/9"
            },
            {
              "name": "[oss-security] 20120515 CVE Request: gdk-pixbuf Integer overflow in XBM file loader",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/05/15/8"
            },
            {
              "name": "49125",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/49125"
            },
            {
              "name": "http://git.gnome.org/browse/gdk-pixbuf/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://git.gnome.org/browse/gdk-pixbuf/"
            },
            {
              "name": "GLSA-201206-20",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml"
            },
            {
              "name": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516"
            },
            {
              "name": "53548",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/53548"
            },
            {
              "name": "RHSA-2013:0135",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0135.html"
            },
            {
              "name": "gdkpixbuf-readbitmapfiledata-bo(75578)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75578"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T04:33Z",
      "publishedDate": "2012-08-13T20:55Z"
    }
  }
}

GHSA-PW9J-X6MR-PH3R

Vulnerability from github – Published: 2022-05-17 01:46 – Updated: 2025-04-11 04:00

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-2370"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-08-13T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.",
  "id": "GHSA-pw9j-x6mr-ph3r",
  "modified": "2025-04-11T04:00:30Z",
  "published": "2022-05-17T01:46:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2370"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2013:0135"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2012-2370"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822468"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75578"
    },
    {
      "type": "WEB",
      "url": "http://git.gnome.org/browse/gdk-pixbuf"
    },
    {
      "type": "WEB",
      "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22"
    },
    {
      "type": "WEB",
      "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0135.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/49125"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/49715"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/05/15/8"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/05/15/9"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/53548"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2012-2370

Vulnerability from fkie_nvd - Published: 2012-08-13 20:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://git.gnome.org/browse/gdk-pixbuf/
secalert@redhat.com	http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22	Exploit, Patch
secalert@redhat.com	http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516	Patch
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-0135.html
secalert@redhat.com	http://secunia.com/advisories/49125	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/49715	Vendor Advisory
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/05/15/8
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/05/15/9
secalert@redhat.com	http://www.securityfocus.com/bid/53548
secalert@redhat.com	https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150	Exploit
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/75578
af854a3a-2127-422b-91ae-364da2661108	http://git.gnome.org/browse/gdk-pixbuf/
af854a3a-2127-422b-91ae-364da2661108	http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516	Patch
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-0135.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/49125	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/49715	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/05/15/8
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/05/15/9
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/53548
af854a3a-2127-422b-91ae-364da2661108	https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/75578

Impacted products

Vendor	Product	Version
gnome	gdk-pixbuf	*
gnome	gdk-pixbuf	2.23.3
gnome	gdk-pixbuf	2.23.4
gnome	gdk-pixbuf	2.23.5
gnome	gdk-pixbuf	2.24.0
gnome	gdk-pixbuf	2.24.1
gnome	gdk-pixbuf	2.25.0
gnome	gdk-pixbuf	2.25.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EF9014-168C-4B6C-8772-ACC33C1210E1",
              "versionEndIncluding": "2.26.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.23.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B45797BA-3E5D-4273-B443-89717E04393D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.23.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7CDA38C-46A3-4074-9C92-414E81220652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.23.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D961926-F6ED-406D-AD86-7685D6DD8EEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.24.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6362DC2-B5DD-4A14-932A-D6C3E7891C3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.24.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AB43163-8A11-4B8C-9472-0CCE9DD194FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.25.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4C539E-FB81-4E26-BD09-F6C8CDE7A1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gdk-pixbuf:2.25.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA143DE8-BC70-4072-851B-C425E592A24E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de enteros en la funci\u00f3n read_bitmap_file_data de io-xbm.c en gdk-pixbuf antes de v2.26.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un valor negativo en la (1) altura o (2) anchura en un archivo XBM, lo que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap).\r\n"
    }
  ],
  "id": "CVE-2012-2370",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-08-13T20:55:03.723",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.gnome.org/browse/gdk-pixbuf/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0135.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/49125"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/49715"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/05/15/8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/05/15/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/53548"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.gnome.org/browse/gdk-pixbuf/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0135.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/49125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/49715"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/05/15/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/05/15/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/53548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75578"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2013:0135

Vulnerability from csaf_redhat - Published: 2013-01-08 04:39 - Updated: 2025-11-21 17:41

Summary

Red Hat Security Advisory: gtk2 security and bug fix update

Notes

Topic

Updated gtk2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details

GIMP Toolkit (GTK+) is a multi-platform toolkit for creating graphical user interfaces. An integer overflow flaw was found in the X BitMap (XBM) image file loader in GTK+. A remote attacker could provide a specially-crafted XBM image file that, when opened in an application linked against GTK+ (such as Nautilus), would cause the application to crash. (CVE-2012-2370) This update also fixes the following bugs: * Due to a bug in the Input Method GTK+ module, the usage of the Taiwanese Big5 (zh_TW.Big-5) locale led to the unexpected termination of certain applications, such as the GDM greeter. The bug has been fixed, and the Taiwanese locale no longer causes applications to terminate unexpectedly. (BZ#487630) * When a file was initially selected after the GTK+ file chooser dialog was opened and the Location field was visible, pressing the Enter key did not open the file. With this update, the initially selected file is opened regardless of the visibility of the Location field. (BZ#518483) * When a file was initially selected after the GTK+ file chooser dialog was opened and the Location field was visible, pressing the Enter key did not change into the directory. With this update, the dialog changes into the initially selected directory regardless of the visibility of the Location field. (BZ#523657) * Previously, the GTK Print dialog did not reflect the user-defined printer preferences stored in the ~/.cups/lpoptions file, such as those set in the Default Printer preferences panel. Consequently, the first device in the printer list was always set as a default printer. With this update, the underlying source code has been enhanced to parse the option file. As a result, the default values in the print dialog are set to those previously specified by the user. (BZ#603809) * The GTK+ file chooser did not properly handle saving of nameless files. Consequently, attempting to save a file without specifying a file name caused GTK+ to become unresponsive. With this update, an explicit test for this condition has been added into the underlying source code. As a result, GTK+ no longer hangs in the described scenario. (BZ#702342) * When using certain graphics tablets, the GTK+ library incorrectly translated the input coordinates. Consequently, an offset occurred between the position of the pen and the content drawn on the screen. This issue was limited to the following configuration: a Wacom tablet with input coordinates bound to a single monitor in a dual head configuration, drawing with a pen with the pressure sensitivity option enabled. With this update, the coordinate translation method has been changed, and the offset is no longer present in the described configuration. (BZ#743658) * Previously, performing drag and drop operations on tabs in applications using the GtkNotebook widget could lead to releasing the same resource twice. Eventually, this behavior caused the applications to terminate with a segmentation fault. This bug has been fixed, and the applications using GtkNotebook no longer terminate in the aforementioned scenario. (BZ#830901) All users of GTK+ are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated gtk2 packages that fix one security issue and several bugs are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "GIMP Toolkit (GTK+) is a multi-platform toolkit for creating graphical user\ninterfaces.\n\nAn integer overflow flaw was found in the X BitMap (XBM) image file loader\nin GTK+. A remote attacker could provide a specially-crafted XBM image file\nthat, when opened in an application linked against GTK+ (such as Nautilus),\nwould cause the application to crash. (CVE-2012-2370)\n\nThis update also fixes the following bugs:\n\n* Due to a bug in the Input Method GTK+ module, the usage of the Taiwanese\nBig5 (zh_TW.Big-5) locale led to the unexpected termination of certain\napplications, such as the GDM greeter. The bug has been fixed, and the\nTaiwanese locale no longer causes applications to terminate unexpectedly.\n(BZ#487630)\n\n* When a file was initially selected after the GTK+ file chooser dialog was\nopened and the Location field was visible, pressing the Enter key did not\nopen the file. With this update, the initially selected file is opened\nregardless of the visibility of the Location field. (BZ#518483)\n\n* When a file was initially selected after the GTK+ file chooser dialog was\nopened and the Location field was visible, pressing the Enter key did not\nchange into the directory. With this update, the dialog changes into the\ninitially selected directory regardless of the visibility of the Location\nfield. (BZ#523657)\n\n* Previously, the GTK Print dialog did not reflect the user-defined printer\npreferences stored in the ~/.cups/lpoptions file, such as those set in the\nDefault Printer preferences panel. Consequently, the first device in the\nprinter list was always set as a default printer. With this update, the\nunderlying source code has been enhanced to parse the option file. As a\nresult, the default values in the print dialog are set to those previously\nspecified by the user. (BZ#603809)\n\n* The GTK+ file chooser did not properly handle saving of nameless files.\nConsequently, attempting to save a file without specifying a file name\ncaused GTK+ to become unresponsive. With this update, an explicit test for\nthis condition has been added into the underlying source code. As a result,\nGTK+ no longer hangs in the described scenario. (BZ#702342)\n\n* When using certain graphics tablets, the GTK+ library incorrectly\ntranslated the input coordinates. Consequently, an offset occurred between\nthe position of the pen and the content drawn on the screen. This issue was\nlimited to the following configuration: a Wacom tablet with input\ncoordinates bound to a single monitor in a dual head configuration, drawing\nwith a pen with the pressure sensitivity option enabled. With this update,\nthe coordinate translation method has been changed, and the offset is no\nlonger present in the described configuration. (BZ#743658)\n\n* Previously, performing drag and drop operations on tabs in applications\nusing the GtkNotebook widget could lead to releasing the same resource\ntwice. Eventually, this behavior caused the applications to terminate with\na segmentation fault. This bug has been fixed, and the applications using\nGtkNotebook no longer terminate in the aforementioned scenario. (BZ#830901)\n\nAll users of GTK+ are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:0135",
        "url": "https://access.redhat.com/errata/RHSA-2013:0135"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "487630",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487630"
      },
      {
        "category": "external",
        "summary": "518483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=518483"
      },
      {
        "category": "external",
        "summary": "603809",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=603809"
      },
      {
        "category": "external",
        "summary": "822468",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822468"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0135.json"
      }
    ],
    "title": "Red Hat Security Advisory: gtk2 security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T17:41:49+00:00",
      "generator": {
        "date": "2025-11-21T17:41:49+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2013:0135",
      "initial_release_date": "2013-01-08T04:39:00+00:00",
      "revision_history": [
        {
          "date": "2013-01-08T04:39:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-01-08T04:44:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:41:49+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                  "product_id": "5Client-Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.src",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.src",
                  "product_id": "gtk2-0:2.10.4-29.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.x86_64",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.x86_64",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.x86_64",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.x86_64",
                  "product_id": "gtk2-0:2.10.4-29.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.i386",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.i386",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.i386",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.i386",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.i386",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.i386",
                  "product_id": "gtk2-0:2.10.4-29.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.s390",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.s390",
                  "product_id": "gtk2-0:2.10.4-29.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.s390",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.s390",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.s390x",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.s390x",
                  "product_id": "gtk2-0:2.10.4-29.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.s390x",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.s390x",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390x",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390x",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.ia64",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.ia64",
                  "product_id": "gtk2-0:2.10.4-29.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.ia64",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.ia64",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.ia64",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.ia64",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.ppc64",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.ppc64",
                  "product_id": "gtk2-0:2.10.4-29.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.ppc64",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.ppc64",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gtk2-0:2.10.4-29.el5.ppc",
                "product": {
                  "name": "gtk2-0:2.10.4-29.el5.ppc",
                  "product_id": "gtk2-0:2.10.4-29.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2@2.10.4-29.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-devel-0:2.10.4-29.el5.ppc",
                "product": {
                  "name": "gtk2-devel-0:2.10.4-29.el5.ppc",
                  "product_id": "gtk2-devel-0:2.10.4-29.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-devel@2.10.4-29.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc",
                "product": {
                  "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc",
                  "product_id": "gtk2-debuginfo-0:2.10.4-29.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gtk2-debuginfo@2.10.4-29.el5?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.src"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.src",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.src"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-debuginfo-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:gtk2-devel-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.src"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-debuginfo-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.i386"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.ia64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.ppc"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.ppc64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.s390"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.s390x"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gtk2-devel-0:2.10.4-29.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:gtk2-devel-0:2.10.4-29.el5.x86_64"
        },
        "product_reference": "gtk2-devel-0:2.10.4-29.el5.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-2370",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2012-05-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "822468"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gdk-pixbuf: DoS (GLib error and application abort) due to an integer overflow in the XBM image file format loader",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.i386",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.ia64",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc64",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390x",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.src",
          "5Client-Workstation:gtk2-0:2.10.4-29.el5.x86_64",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.i386",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
          "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.i386",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ia64",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc64",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390x",
          "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.x86_64",
          "5Client:gtk2-0:2.10.4-29.el5.i386",
          "5Client:gtk2-0:2.10.4-29.el5.ia64",
          "5Client:gtk2-0:2.10.4-29.el5.ppc",
          "5Client:gtk2-0:2.10.4-29.el5.ppc64",
          "5Client:gtk2-0:2.10.4-29.el5.s390",
          "5Client:gtk2-0:2.10.4-29.el5.s390x",
          "5Client:gtk2-0:2.10.4-29.el5.src",
          "5Client:gtk2-0:2.10.4-29.el5.x86_64",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.i386",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
          "5Client:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
          "5Client:gtk2-devel-0:2.10.4-29.el5.i386",
          "5Client:gtk2-devel-0:2.10.4-29.el5.ia64",
          "5Client:gtk2-devel-0:2.10.4-29.el5.ppc",
          "5Client:gtk2-devel-0:2.10.4-29.el5.ppc64",
          "5Client:gtk2-devel-0:2.10.4-29.el5.s390",
          "5Client:gtk2-devel-0:2.10.4-29.el5.s390x",
          "5Client:gtk2-devel-0:2.10.4-29.el5.x86_64",
          "5Server:gtk2-0:2.10.4-29.el5.i386",
          "5Server:gtk2-0:2.10.4-29.el5.ia64",
          "5Server:gtk2-0:2.10.4-29.el5.ppc",
          "5Server:gtk2-0:2.10.4-29.el5.ppc64",
          "5Server:gtk2-0:2.10.4-29.el5.s390",
          "5Server:gtk2-0:2.10.4-29.el5.s390x",
          "5Server:gtk2-0:2.10.4-29.el5.src",
          "5Server:gtk2-0:2.10.4-29.el5.x86_64",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.i386",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
          "5Server:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
          "5Server:gtk2-devel-0:2.10.4-29.el5.i386",
          "5Server:gtk2-devel-0:2.10.4-29.el5.ia64",
          "5Server:gtk2-devel-0:2.10.4-29.el5.ppc",
          "5Server:gtk2-devel-0:2.10.4-29.el5.ppc64",
          "5Server:gtk2-devel-0:2.10.4-29.el5.s390",
          "5Server:gtk2-devel-0:2.10.4-29.el5.s390x",
          "5Server:gtk2-devel-0:2.10.4-29.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-2370"
        },
        {
          "category": "external",
          "summary": "RHBZ#822468",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822468"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-2370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-2370"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2370",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2370"
        }
      ],
      "release_date": "2012-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-01-08T04:39:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.i386",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.ia64",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc64",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390x",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.src",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.x86_64",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.i386",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.i386",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ia64",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc64",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390x",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.x86_64",
            "5Client:gtk2-0:2.10.4-29.el5.i386",
            "5Client:gtk2-0:2.10.4-29.el5.ia64",
            "5Client:gtk2-0:2.10.4-29.el5.ppc",
            "5Client:gtk2-0:2.10.4-29.el5.ppc64",
            "5Client:gtk2-0:2.10.4-29.el5.s390",
            "5Client:gtk2-0:2.10.4-29.el5.s390x",
            "5Client:gtk2-0:2.10.4-29.el5.src",
            "5Client:gtk2-0:2.10.4-29.el5.x86_64",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.i386",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
            "5Client:gtk2-devel-0:2.10.4-29.el5.i386",
            "5Client:gtk2-devel-0:2.10.4-29.el5.ia64",
            "5Client:gtk2-devel-0:2.10.4-29.el5.ppc",
            "5Client:gtk2-devel-0:2.10.4-29.el5.ppc64",
            "5Client:gtk2-devel-0:2.10.4-29.el5.s390",
            "5Client:gtk2-devel-0:2.10.4-29.el5.s390x",
            "5Client:gtk2-devel-0:2.10.4-29.el5.x86_64",
            "5Server:gtk2-0:2.10.4-29.el5.i386",
            "5Server:gtk2-0:2.10.4-29.el5.ia64",
            "5Server:gtk2-0:2.10.4-29.el5.ppc",
            "5Server:gtk2-0:2.10.4-29.el5.ppc64",
            "5Server:gtk2-0:2.10.4-29.el5.s390",
            "5Server:gtk2-0:2.10.4-29.el5.s390x",
            "5Server:gtk2-0:2.10.4-29.el5.src",
            "5Server:gtk2-0:2.10.4-29.el5.x86_64",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.i386",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
            "5Server:gtk2-devel-0:2.10.4-29.el5.i386",
            "5Server:gtk2-devel-0:2.10.4-29.el5.ia64",
            "5Server:gtk2-devel-0:2.10.4-29.el5.ppc",
            "5Server:gtk2-devel-0:2.10.4-29.el5.ppc64",
            "5Server:gtk2-devel-0:2.10.4-29.el5.s390",
            "5Server:gtk2-devel-0:2.10.4-29.el5.s390x",
            "5Server:gtk2-devel-0:2.10.4-29.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0135"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.i386",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.ia64",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.ppc64",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.s390x",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.src",
            "5Client-Workstation:gtk2-0:2.10.4-29.el5.x86_64",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.i386",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
            "5Client-Workstation:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.i386",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ia64",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.ppc64",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.s390x",
            "5Client-Workstation:gtk2-devel-0:2.10.4-29.el5.x86_64",
            "5Client:gtk2-0:2.10.4-29.el5.i386",
            "5Client:gtk2-0:2.10.4-29.el5.ia64",
            "5Client:gtk2-0:2.10.4-29.el5.ppc",
            "5Client:gtk2-0:2.10.4-29.el5.ppc64",
            "5Client:gtk2-0:2.10.4-29.el5.s390",
            "5Client:gtk2-0:2.10.4-29.el5.s390x",
            "5Client:gtk2-0:2.10.4-29.el5.src",
            "5Client:gtk2-0:2.10.4-29.el5.x86_64",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.i386",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
            "5Client:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
            "5Client:gtk2-devel-0:2.10.4-29.el5.i386",
            "5Client:gtk2-devel-0:2.10.4-29.el5.ia64",
            "5Client:gtk2-devel-0:2.10.4-29.el5.ppc",
            "5Client:gtk2-devel-0:2.10.4-29.el5.ppc64",
            "5Client:gtk2-devel-0:2.10.4-29.el5.s390",
            "5Client:gtk2-devel-0:2.10.4-29.el5.s390x",
            "5Client:gtk2-devel-0:2.10.4-29.el5.x86_64",
            "5Server:gtk2-0:2.10.4-29.el5.i386",
            "5Server:gtk2-0:2.10.4-29.el5.ia64",
            "5Server:gtk2-0:2.10.4-29.el5.ppc",
            "5Server:gtk2-0:2.10.4-29.el5.ppc64",
            "5Server:gtk2-0:2.10.4-29.el5.s390",
            "5Server:gtk2-0:2.10.4-29.el5.s390x",
            "5Server:gtk2-0:2.10.4-29.el5.src",
            "5Server:gtk2-0:2.10.4-29.el5.x86_64",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.i386",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ia64",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.ppc64",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.s390x",
            "5Server:gtk2-debuginfo-0:2.10.4-29.el5.x86_64",
            "5Server:gtk2-devel-0:2.10.4-29.el5.i386",
            "5Server:gtk2-devel-0:2.10.4-29.el5.ia64",
            "5Server:gtk2-devel-0:2.10.4-29.el5.ppc",
            "5Server:gtk2-devel-0:2.10.4-29.el5.ppc64",
            "5Server:gtk2-devel-0:2.10.4-29.el5.s390",
            "5Server:gtk2-devel-0:2.10.4-29.el5.s390x",
            "5Server:gtk2-devel-0:2.10.4-29.el5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "gdk-pixbuf: DoS (GLib error and application abort) due to an integer overflow in the XBM image file format loader"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-2370 (GCVE-0-2012-2370)

GSD-2012-2370

GHSA-PW9J-X6MR-PH3R

FKIE_CVE-2012-2370

RHSA-2013:0135

Tags

Sightings

Nomenclature