CVE-2004-0788

Name of the Vulnerable Software and Affected Versions gdk-pixbuf versions prior to 0.22 gtk2 versions prior to 2.2.4

Description The issue is related to an integer overflow in the ICO image decoder, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash. This can be achieved through a crafted ICO file. Additionally, multiple vulnerabilities in the gtk2 and gdk-pixbuf packages may lead to disruptions in confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely.

Recommendations For gdk-pixbuf versions prior to 0.22, update to version 0.22 or later to resolve the issue. For gtk2 versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ICO image decoder function in gdk-pixbuf until a patch is available. Avoid using crafted ICO files in the affected applications until the issue is resolved.