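Vulnerability Details
Multiple Security Vulnerabilities in GDK-Pixbuf
- CNNVD ID: CNNVD-200410-057
- Severity: Medium
- CVE ID: CVE-2004-0788
- Vulnerability type: Design error
- Published: 2004-09-15
- Threat type: Remote
- Updated: 2010-04-02
- Vendor: gtk
- Vulnerability source: Chris Evans※ chris…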
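Vulnerability Summary
gdk-pixbuf is a toolkit for image loading and pixel buffer handling.
gdk-pixbuf contains multiple issues that a remote attacker can exploit to cause a denial of service or a buffer overflow.
The first issue (CAN-2004-0753) occurs when decoding a BMP image: under certain conditions the library enters an infinite loop and consumes a large amount of CPU resources.
The second and third issues occur when the library decodes XPM images: a specially crafted image file can crash an application that uses the library or possibly execute user-supplied code.
The fourth and final vulnerability occurs when parsing an ICO image: a specially crafted ICO file can crash the application.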
Vulnerability Advisory
Vendor patches:
Debian
------
Debian has released security advisories (DSA-549-1, DSA-546-1) and corresponding patches for this issue:
DSA-549-1: New gtk+2.0 packages fix several vulnerabilities
Link: http://www.debian.org/security/2002/dsa-549
DSA-546-1: New gdk-pixbuf packages fix several vulnerabilities
Link: http://www.debian.org/security/2002/dsa-546
Patch downloads:
Source: US-CERT Vulnerability Note: VU#577654
Name: VU#577654
Link: http://www.kb.cert.org/vuls/id/577654
Source: REDHAT
Name: RHSA-2004:466
Link: http://www.redhat.com/support/errata/RHSA-2004-466.html
Source: REDHAT
Name: RHSA-2004:447
Link: http://www.redhat.com/support/errata/RHSA-2004-447.html
Source: FEDORA
Name: FLSA:2005
Link: https://bugzilla.fedora.us/show_bug.cgi?id=2005
Source: XF
Name: gtk-ico-integer-bo(17387)
Link: http://xforce.iss.net/xforce/xfdb/17387
Source: MANDRAKE
Name: MDKSA-2004:095
Link: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095
Source: DEBIAN
Name: DSA-546
Link: http://www.debian.org/security/2004/dsa-546
Source: OVAL
Name: oval:org.mitre.oval:def:10506
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10506
Source: BID
Name: 11195
Link: http://www.securityfocus.com/bid/11195
Source: FEDORA
Name: FLSA-2005:155510
Link: http://www.securityfocus.com/archive/1/archive/1/419771/100/0/threaded
Source: MANDRIVA
Name: MDKSA-2005:214
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2005:214
Source: SECUNIA
Name: 17657
Link: http://secunia.com/advisories/17657
Source: CONECTIVA
Name: CLA-2004:875
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875