24003 – media-gfx/gtksee

Bug 24003 - media-gfx/gtksee

Summary: media-gfx/gtksee

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	Highest critical (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2003-07-06 13:45 UTC by Daniel Ahlberg (RETIRED)
Modified:	2003-07-11 07:45 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Ahlberg (RETIRED) gentoo-dev

2003-07-06 13:45:44 UTC

-------------------------------------------------------------------------- 
Debian Security Advisory DSA 337-1                     security@debian.org 
http://www.debian.org/security/                             Matt Zimmerman 
June 29th, 2003                          http://www.debian.org/security/faq 
-------------------------------------------------------------------------- 
 
Package        : gtksee 
Vulnerability  : buffer overflow 
Problem-Type   : local 
Debian-specific: no 
CVE Ids        : CAN-2003-0444 
 
Viliam Holub discovered a bug in gtksee whereby, when loading PNG 
images of certain color depths, gtksee would overflow a heap-allocated 
buffer.  This vulnerability could be exploited by an attacker using a 
carefully constructed PNG image to execute arbitrary code when the 
victim loads the file in gtksee.

Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev

2003-07-11 07:45:15 UTC

glsa sent