GTK+, imlib, lessTif and libXPM libraries XPM files integer overflows updated since 16.09.2004
Published:		16.11.2005
Source:		BUGTRAQ
SecurityVulns ID:		4009
Type:		library
Level:		7/10
Description:		Integer overflow leads to heap based and stack based buffer overflow.

Affected:		IMLIB : imlib 1.9
		XFREE : XFree86 4.6
		GTKPLUS : gtk+ 2.4
		GDKPLUS : gdk-pixbuf 0.22
		X.ORG : libXpm 3.4
		LESSTIF : lesstif 0.93
		OPENMOTIF : openmotif 2.2

Original document		IDEFENSE, iDEFENSE Security Advisory 11.15.05: Multiple Vendor GTK+ gdk-pixbuf XPM Loader Heap Overflow Vulnerability (16.11.2005)
		UBUNTU, [Full-Disclosure] [USN-83-1] LessTif 2 vulnerabilities (16.02.2005)
		Thierry Carrez, [Full-Disclosure] [ GLSA 200412-03 ] imlib: Buffer overflows in image decoding (07.12.2004)
		Chris Evans, CESA-2004-004: libXpm (16.09.2004)
		Chris Evans, CESA-2004-005: gtk+ XPM decoder (16.09.2004)

Files:		gtk+ XPM decoder overflows demo XPM
Discuss:		Read or add your comments to this news (0 comments)