PT-2004-1015 · Debian · Gtksee

Published: 2004-03-10 · Updated: 2017-07-11 · CVE-2003-0444

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GTKSee versions 0.5 through 0.5.1

Description

The issue concerns multiple vulnerabilities in the GTKSee package of the Debian GNU/Linux operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, a heap-based buffer overflow in GTKSee versions 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.

Recommendations

For GTKSee versions 0.5 and 0.5.1, consider disabling the handling of PNG images until a patch is available. Restrict access to the GTKSee package to minimize the risk of exploitation. Avoid using the GTKSee package for processing untrusted images until the issue is resolved.


Related Identifiers

BDU:2015-02819
CVE-2003-0444
DSA-337

Affected Products

Gtksee