VUPEN Security - Fedora Security Update Fixes GdkPixbuf Buffer Overflow Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Malware Advisories

Security Research

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> Fedora Security Update Fixes GdkPixbuf Buffer Overflow Vulnerabilities

Title : Fedora Security Update Fixes GdkPixbuf Buffer Overflow Vulnerabilities
VUPEN ID : VUPEN/ADV-2005-2436
CVE ID : CVE-2005-2975 - CVE-2005-2976 - CVE-2005-3186
Rated as : High Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-11-15

Technical Description

Receive VUPEN Security alerts in a Text format

Receive VUPEN Security alerts in a PDF format

Receive VUPEN Security alerts in an XML format

Receive VUPEN Security notifications by SMS

Fedora has released updated packages to correct multiple vulnerabilities identified in GdkPixbuf. These flaws could be exploited by remote attackers to execute arbitrary commands or cause a denial of service. For additional information, see : VUPEN/ADV-2005-2433

Affected Products

Fedora Core 4
Fedora Core 3

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

7c780b05008f3e1999bf8abbb0bb7b7a SRPMS/gdk-pixbuf-0.22.0-18.fc4.2.src.rpm
599efb60ec868f5242a4ca353c0b1ef6 ppc/gdk-pixbuf-0.22.0-18.fc4.2.ppc.rpm
1f18e28bf51ab6e7fb6bd064d91cbd17 ppc/gdk-pixbuf-devel-0.22.0-18.fc4.2.ppc.rpm
1905bece6ab5f5b4c49de5ff2a39e201 ppc/gdk-pixbuf-gnome-0.22.0-18.fc4.2.ppc.rpm
eefdf10dfdd1cd5ba10f81136e0c6662 ppc/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.ppc.rpm
4e478e20404e7167b5b6f30efcd80ed9 ppc/gdk-pixbuf-0.22.0-18.fc4.2.ppc64.rpm
7f2a934348fba04f2a8e9a210701406f x86_64/gdk-pixbuf-0.22.0-18.fc4.2.x86_64.rpm
861b6a186287685c4383e91f1353b77a x86_64/gdk-pixbuf-devel-0.22.0-18.fc4.2.x86_64.rpm
0e760f0a8385a1919962b9f684dabf1c x86_64/gdk-pixbuf-gnome-0.22.0-18.fc4.2.x86_64.rpm
9ef3e8849f5706bc6dc71559af1b056d x86_64/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.x86_64.rpm
212ce3ac8b0fe3f767048a2186cb3766 x86_64/gdk-pixbuf-0.22.0-18.fc4.2.i386.rpm
212ce3ac8b0fe3f767048a2186cb3766 i386/gdk-pixbuf-0.22.0-18.fc4.2.i386.rpm
7e0136afe88fd82d236a2e04ab76bc9a i386/gdk-pixbuf-devel-0.22.0-18.fc4.2.i386.rpm
8128ef8c06fcf1dfb952c84912cab910 i386/gdk-pixbuf-gnome-0.22.0-18.fc4.2.i386.rpm
1fa0933b6e9c7d21fca40b96a162a623 i386/debug/gdk-pixbuf-debuginfo-0.22.0-18.fc4.2.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

36ab9c1c4f1cd6e9b1797da558737ff7 SRPMS/gdk-pixbuf-0.22.0-16.fc3.3.src.rpm
d3246e0d9f3f4c34e0f927a1e236be25 x86_64/gdk-pixbuf-0.22.0-16.fc3.3.x86_64.rpm
9672ba672933f8b4a8f2970395afe517 x86_64/gdk-pixbuf-devel-0.22.0-16.fc3.3.x86_64.rpm
b6d4bb7e18c74776e64cb4336da1bf37 x86_64/gdk-pixbuf-gnome-0.22.0-16.fc3.3.x86_64.rpm
8932ddbd550b967b0fa527a1094ff007 x86_64/debug/gdk-pixbuf-debuginfo-0.22.0-16.fc3.3.x86_64.rpm
726dcbf604c857dd1a7e052cbd866d56 x86_64/gdk-pixbuf-0.22.0-16.fc3.3.i386.rpm
726dcbf604c857dd1a7e052cbd866d56 i386/gdk-pixbuf-0.22.0-16.fc3.3.i386.rpm
0b0866675e8a54cde5bd750fce59195f i386/gdk-pixbuf-devel-0.22.0-16.fc3.3.i386.rpm
fe1596cf330e88c2f4c15155207ea30d i386/gdk-pixbuf-gnome-0.22.0-16.fc3.3.i386.rpm
f3cf4719daf4ba9fbf6e558a45fb4c67 i386/debug/gdk-pixbuf-debuginfo-0.22.0-16.fc3.3.i386.rpm

References

http://www.vupen.com/english/advisories/2005/2436
http://www.frsirt.com/english/reference/856
http://www.frsirt.com/english/reference/855

ChangeLog

2005-11-15 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.

Vulnerability Alerting

Free 14-Day Trial

Latest News

>> 2009-06-10

VUPEN Security Research
Discovered Critical Flaws
in Adobe Acrobat and MS
Office Word

>> 2009-06-02

VUPEN Security Research
Discovered Critical Flaws
in ACDSee Products

>> 2009-05-22

VUPEN Discovered Two
Critical Vulnerabilities in
Novell GroupWise 8 / 7

>> 2009-05-12

Microsoft Patched 14
Office PowerPoint Flaws

>> 2009-04-28

Adobe Reader / Acrobat
Vulnerabilities Disclosed

More Informations