PT-2004-3765 · Gtk+ · Gtk2+1

Chris Evans · Published 1970-01-01 · Updated 2023-08-11 · CVE-2004-0782

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

gtk2 versions 2.4.4 and earlier
gdk-pixbuf versions prior to 0.22

Description

The issue is related to multiple vulnerabilities in the gtk2 and gdk-pixbuf packages, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, an integer overflow in the pixbuf_create_from_xpm function in the XPM image decoder for gtk+ 2.4.4 and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.

Recommendations

For gtk2 versions 2.4.4 and earlier, consider updating to a version later than 2.4.4 to resolve the issue. For gdk-pixbuf versions prior to 0.22, consider updating to version 0.22 or later to resolve the issue. As a temporary workaround, consider restricting the use of the XPM image decoder in the affected packages until a patch is available.
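
The unchecked size computation behind this class of bug, next to a validated version, as an added example that is not code from gtk2, gdk-pixbuf or this advisory. The header strings, the function names, the `n_col * (cpp + 1)` table size and the `MAX_CPP` limit are assumptions made for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed XPM values lines: "<width> <height> <ncolors> <cpp>". */
static const char *BENIGN_HDR  = "16 16 256 2";
static const char *OVERSIZE_HDR = "16 16 536870913 7"; /* 2^29 + 1 colours */

#define MAX_CPP 31 /* upper bound chosen for this example (assumption) */

/* Parse the values line. %9d caps each field at 9 digits so the parse
   itself cannot overflow an int. Returns 0 on success, -1 otherwise. */
static int parse_values(const char *s, int *w, int *h, int *n_col, int *cpp)
{
    return sscanf(s, "%9d %9d %9d %9d", w, h, n_col, cpp) == 4 ? 0 : -1;
}

/* Unchecked pattern: the table size is computed in 32 bits with no
   validation. uint32_t is used so the wrap-around is well defined here. */
static uint32_t unchecked_size(const char *hdr)
{
    int w, h, n_col, cpp;
    if (parse_values(hdr, &w, &h, &n_col, &cpp) != 0) return 0;
    return (uint32_t)n_col * (uint32_t)(cpp + 1);
}

/* Hardened pattern: validate every field before multiplying.
   Returns the table size in bytes, or 0 if the header is rejected. */
static size_t checked_size(const char *hdr)
{
    int w, h, n_col, cpp;
    if (parse_values(hdr, &w, &h, &n_col, &cpp) != 0) return 0;
    if (w <= 0 || h <= 0) return 0;
    if (cpp <= 0 || cpp > MAX_CPP) return 0;
    if (n_col <= 0 || n_col >= INT_MAX / (cpp + 1)) return 0;
    return (size_t)n_col * (size_t)(cpp + 1);
}

int main(void)
{
    printf("benign:   unchecked=%u checked=%zu\n",
           (unsigned)unchecked_size(BENIGN_HDR), checked_size(BENIGN_HDR));
    printf("oversize: unchecked=%u checked=%zu\n",
           (unsigned)unchecked_size(OVERSIZE_HDR), checked_size(OVERSIZE_HDR));
    return 0;
}
```

With the oversized header the unchecked computation wraps to an 8-byte request for a table the decoder would then fill with over half a billion entries, while the checked version rejects the header before any allocation.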

Fix

Related Identifiers

BDU:2015-04801
BDU:2015-04802
CVE-2004-0782
DSA-546-1
DSA-549-1
RHSA-2004:447
RHSA-2004:466

Affected Products

Gdk-Pixbuf
Gtk2