CVE-2012-2370

Name of the Vulnerable Software and Affected Versions gdk-pixbuf versions prior to 2.26.1

Description The issue is related to multiple integer overflows in the read bitmap file data function in io-xbm.c, which can be triggered by a negative height or width in an XBM file. This can cause a heap-based buffer overflow, leading to a denial of service (application crash). The vulnerability can be exploited remotely.

Recommendations For versions prior to 2.26.1, update to version 2.26.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of XBM files or disabling the read bitmap file data function until a patch is available.