Bug 24003

Summary: media-gfx/gtksee
Product: Gentoo Linux
Reporter: Daniel Ahlberg (RETIRED) <aliz>
Component: New packages
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: critical
Priority: Highest
Version: 1.0
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---

Description Daniel Ahlberg (RETIRED) gentoo-dev 2003-07-06 13:45:44 UTC
-------------------------------------------------------------------------- 
Debian Security Advisory DSA 337-1                     security@debian.org 
http://www.debian.org/security/                             Matt Zimmerman 
June 29th, 2003                          http://www.debian.org/security/faq 
-------------------------------------------------------------------------- 
 
Package        : gtksee 
Vulnerability  : buffer overflow 
Problem-Type   : local 
Debian-specific: no 
CVE Ids        : CAN-2003-0444 
 
Viliam Holub discovered a bug in gtksee whereby, when loading PNG 
images of certain color depths, gtksee would overflow a heap-allocated 
buffer.  This vulnerability could be exploited by an attacker using a 
carefully constructed PNG image to execute arbitrary code when the 
victim loads the file in gtksee.

Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev 2003-07-11 07:45:15 UTC
glsa sent