{ "id": "CVE-2005-2976", "sourceIdentifier": "secalert@redhat.com", "published": "2005-11-18T06:03:00.000", "lastModified": "2018-10-19T15:34:20.767", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186." } ], "vendorComments": [ { "organization": "Red Hat", "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00" } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-189" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:gnome:gdkpixbuf:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "A033173F-C1F9-48D3-8506-CF4A901FFE14" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.8.6", "matchCriteriaId": "2E38A679-2564-4BF5-98AE-5FCFF6DEA423" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "35165F68-B2DF-401C-98BB-C38C0B308A26" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "5256FECB-1664-4725-A824-DF23331FB73C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B65F6328-250C-4636-8F6F-07239AA52C96" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF78C888-503F-4040-922E-015EBCFA90DE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B60DFB2-1887-4F6F-AF54-7F871C01A54C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "70D5CD7A-6277-4EE4-8F56-694576FEEA1D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B34423D8-1535-47E4-82D0-C082774645F6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "332BE7E7-0E93-40B9-844A-8DAAB690ACB7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "18A885E9-4879-4F72-BBCF-AC0C081B51A4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "9B901FF6-66AD-4C8E-8749-E95F63422849" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "52C41B57-2C10-43DE-B706-8B5B00365066" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "20AD36F1-3E4C-453B-855D-C563E99DB96F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "E84F5E7E-FD39-4D45-8FB5-0F4871D481D1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "CFE543F9-EFC9-41DE-BD6C-B83C4B5845F6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "9AF7554F-F2C6-4009-8D07-2F076B4AD574" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "A3208E1E-942E-4FAF-9A0D-CD8AE034C4B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1E5D7CDE-B4A9-4215-8E73-443550BCCE75" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "7A6C6043-6F19-4093-BBAD-9C542D151D53" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "D57A5876-F5FB-4CE6-B273-0845037FD7C4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:1.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "BD2A7F0A-9D44-4181-ABD6-B0671C060448" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F07A0C6-7477-4549-A071-F867B4B3E9E1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "898C00AF-C6D1-4B6E-A481-43286F65C995" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "1F5CBE2C-F30F-4B85-871A-EC1647DE4739" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3135B8A6-A121-4064-B1B8-55F096598694" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5F955CF9-CA4C-4EB4-B06A-CAD34847247F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "024B3A02-D024-47F2-81D5-9244CE1842C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "59536253-143C-409F-86F1-785E0DE7CB3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4FF96CD4-C399-47EA-97C9-E45580A84FB7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C8D6E88E-4307-4199-89B0-399BC24CFEBA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3DCB876-6C88-403D-9A26-8714159E85F7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B7F9A966-69F0-44B0-B4BE-7AE487A47A63" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EB39F0A-3D98-416B-A04F-64526A8F9171" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "23FFBCA5-1B53-47C7-AD9B-1DCCA715B22D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "E149C3C1-328D-4F24-9DD2-E58B1A7A3178" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "92DA1CEF-4225-4C38-8122-978CC9BFA59D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "0D0CA1A9-5FD3-4265-ADFD-C44B77AA62D5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "F2CC94FA-6F95-4F37-B087-BDB169BF5CC8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "3A780737-6DA6-4CEE-BF45-434A3AC4D151" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FDB061F1-A3F0-4763-84C3-AC5C4F2BA40E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C4D43C2-0F1D-4443-A47B-66F801C0F905" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "60267DE7-DE89-4971-886E-DEEB4BABFD98" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "E1661B74-9459-4B40-881B-ED3175766BF6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D11B8DB5-7BE1-4F57-8C09-FDB64393F87F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C55A70E8-F9FB-4A4B-BDB9-3FCCC1CEF4B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "3872021F-F68A-44E2-9289-5B0FA27D52A6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "026CEABA-AFF8-42F2-9CD4-C7817189EF31" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "9C666C46-FD15-43F9-96EE-1BAFD5E5EAC6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "38C17189-3863-4E78-8B83-EF1EBE2D323F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "2F81B314-F330-48A6-B50F-40BC879F7EA6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "A38A8F42-9136-46B8-89C8-8B2E3FC97AA2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "953CAEF6-5222-4B4B-B1E2-4249706455E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "00F1D03B-E266-44B4-9FBF-132153E602D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "454ADEFC-BF93-4CC8-98CB-836FB25AE6D7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9FC8CF7-3F2C-4709-831D-875EA588EABA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F9C5DAE-C1F8-4CEE-9654-70FD7A5B06E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "51219308-2733-4C4A-AD41-276FDD83ECE6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "49027314-D78C-497C-989D-8DE268FB0FBA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "530DCDFB-B854-4012-9B3C-32497FDC4370" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "D78B02F5-80B1-4290-A897-AC29110558AF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "59651480-81CB-49DD-8BC6-0FCE859BD57C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B683AB8-2BCB-42FC-A961-83B2EDF182D2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "B464B539-E94E-48A7-B5BE-79CE0EEBC4F1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A0EC81E-6356-4101-97DB-5050FF86D72D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "74BBBEEA-BC4F-444A-931A-D321904740BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "BE8C92E7-4479-4884-A6A3-3D2EF65D8A29" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "667A70CB-F98B-4536-A69D-D76E419BC57F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "84422B84-343E-4D2C-95AB-744EAF6E6B5D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "17DFDEC4-B4E5-4695-B26F-C01BEF5D3AE4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "DDBF7DD7-44C3-491A-AAEE-D9BA58E23838" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "5D4C2CEB-F666-4EA6-833A-1FCFBA7C9786" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "D2F386D6-C621-4E96-896F-267B8B09AF55" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8F33A83-71DC-4007-8D2B-E5D8E88D7F94" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E088423-5FC6-49DC-B7F5-C99324855683" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "78965E39-13F6-4184-9C1B-8BF89559C7C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FFC68885-F924-49EA-B55F-15EAC1A6351C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "EE0EBC65-D3F7-4ED1-86A6-48DF0F249B6A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "68297110-496C-4784-BDA7-372C9E0AE866" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BFAEDB2-70D6-4F8F-A7C1-E066BE8CD9EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "6801D6EA-5FCA-4B0B-AB94-221F5586AF38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "11DBDA41-23DE-4710-B7EA-A7E4178172BD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "5D52C8C0-8C21-44F7-A358-F95980F16F5F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "66C4C159-B5FB-4EA0-8175-97BE116E66E7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gtk:gtk\\+:2.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "EFFF1EB1-B408-44F4-A919-B75299407E49" } ] } ] } ], "references": [ { "url": "http://securitytracker.com/id?1015216", "source": "secalert@redhat.com" }, { "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf", "source": "secalert@redhat.com" }, { "url": "http://www.debian.org/security/2005/dsa-911", "source": "secalert@redhat.com" }, { "url": "http://www.debian.org/security/2005/dsa-913", "source": "secalert@redhat.com" }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml", "source": "secalert@redhat.com" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:214", "source": "secalert@redhat.com" }, { "url": "http://www.novell.com/linux/security/advisories/2005_65_gtk2.html", "source": "secalert@redhat.com" }, { "url": "http://www.redhat.com/support/errata/RHSA-2005-810.html", "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/archive/1/428052/100/0/threaded", "source": "secalert@redhat.com" }, { "url": "http://www.securityfocus.com/bid/15428", "source": "secalert@redhat.com" }, { "url": "http://www.ubuntu.com/usn/usn-216-1", "source": "secalert@redhat.com" }, { "url": "http://www.vupen.com/english/advisories/2005/2433", "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370", "source": "secalert@redhat.com" } ] }